last executing test programs:

31.916172952s ago: executing program 1 (id=262):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x80, 0x0, 0x20}, [@RTA_IIF={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f200142c00fe8000000000000000000009000000bbfe8000000000000000000000000000aa06000003", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
r4 = syz_open_dev$sg(0x0, 0x0, 0x401)
ioctl$BLKTRACESETUP(r4, 0xc0481273, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000180)={'veth0\x00', @local})
gettid()
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "0000004a650600", "af193cff48100180c120d04ca306000000020000760e1860b008d77e00000300", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
socket$pppoe(0x18, 0x1, 0x0)
close(r2)

31.759019214s ago: executing program 1 (id=265):
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x31, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r0, 0x0, 0x15)
r1 = dup(r0)
write$P9_RLERRORu(r1, &(0x7f0000000540)=ANY=[], 0x53)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x3, 0x9)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local, @local, @val={@void, {0x8100, 0x6, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x1, 0x38, 0x2c, 0x64, 0x0, 0x6, 0x11, 0x0, @local, @local}, {0x4e24, 0x4e23, 0x18, 0x0, @wg=@data={0x4, 0xb, 0xffffffff}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0xe0204000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x28}, 0x1, 0x0, 0x0, 0x48840}, 0x20000080)
syz_genetlink_get_family_id$tipc2(&(0x7f00000022c0), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa0000000000000000000000000000000004"], 0xa8}}, 0x0)

31.455032409s ago: executing program 0 (id=268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES32=<r5=>0xffffffffffffffff, @ANYRESOCT=r3], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000040), &(0x7f0000000280)='%-010d \x00'}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYRESOCT=r5], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="10", 0xfffff, r10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffc000/0x1000)=nil)
r11 = memfd_secret(0x0)
ioctl$TIOCL_UNBLANKSCREEN(r11, 0x541c, &(0x7f0000000540))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r12}, 0x18)
r13 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r13, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r13, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb"], 0x190)

31.4242395s ago: executing program 1 (id=269):
r0 = memfd_create(&(0x7f00000001c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1a\x16\xb0\xc6]!rN-e\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb6\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xf0\xc1\xd4\x88\x00A\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x06\x00$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\b\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1gs\x1341\xdc\x04\x9a@\xc2\x81\x17\'\xf8D\xfa\"_{E?^\xa03\xb9\xf0\xfd\x12\xbd\x80%\x93x>\xa8', 0x4)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

31.36320732s ago: executing program 0 (id=271):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="50000000150019092dbd7000fddbdf250a182000", @ANYRES32, @ANYBLOB="140002"], 0x50}, 0x1, 0x0, 0x0, 0x80cf}, 0x400c040)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x468a, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

31.36258071s ago: executing program 1 (id=272):
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000010)
setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000040)=0x80000001, 0x4)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x10, 0x0, @fd_index=0x3})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x0, 0x3, 0x8002ae}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2000044, &(0x7f0000000040)={[{@errors_remount}, {@jqfmt_vfsold}, {@quota}]}, 0x2, 0x500, &(0x7f0000000b00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x80)
write$P9_RREAD(r4, &(0x7f0000000500)={0xb7, 0x75, 0x1, {0xac, "2a028b66561f958e24210c1f848eb4bcf1f1d54319f9cbd0ba0d9bfb4bc6ba63232f46757f0153123e667305093abb023353ee2e4c7a27d30883e984d92248fe92af7a0cd33962dd86e00be2ff926710943b8c74d9821cdaff4f021a2372e5484cf1666b9c42bb61af89a5278f5c2ba2ab5b3e8f29a528026a74a9a6a31b287eab68a5c98040690543993c235a7fd3a83cb80c6ba48bcaf5064241f2b0c33994cc51554eeb587d5006e70669"}}, 0xb7)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x8004587d, &(0x7f0000000340)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0xd)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x9}, 0x18)
r6 = add_key$keyring(&(0x7f0000000600), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
rename(&(0x7f0000000440)='./file0/../file0\x00', 0x0)
prctl$PR_SET_FPEMU(0xa, 0x1)

31.252696442s ago: executing program 0 (id=275):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, 0x0, 0x20000010)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket(0xa, 0x801, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x14, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x8, 0x0, 0x3, 0x1000}]})
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000d80)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000480)='mm_page_free\x00', r8}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

30.943173696s ago: executing program 1 (id=279):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r5, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x20, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xfc, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0) (fail_nth: 1)

30.789328469s ago: executing program 0 (id=281):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@usrquota}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
r0 = open(&(0x7f0000001b80)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x18)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r5}, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readahead(0xffffffffffffffff, 0x92e, 0x6b1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00'}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='rss_stat\x00', r8, 0x0, 0x3}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='GPL\x00')
syz_clone(0x20940200, 0x0, 0x9, 0x0, 0x0, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)

30.68226842s ago: executing program 1 (id=282):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="38000100cc582099d7d835c30f88083dd9891327a46f442c4fa59f49b12093b7ca86eb5f9c4dd5927ba57a5025d43031393f237f463c6cded9c9e2e60520a5424d7c13ad33f37a82009099c2dfc2483397d583be94da2b57403b0d1095eb6143b88f26c7199a9a788285c8a87a14de1d58ca5bcbad3bbbf56b26652c7b25163d6c82cc9a2f49dde4149a8755c2cae160e58635b5f9a14ae1ea2d5aa1888db986d7e95c25717a026a53a4fe279a6355", @ANYRES16=r4, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r2, @ANYBLOB], 0x1c}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r6}, 0x18)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r10, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x20, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xfc, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

30.68165701s ago: executing program 32 (id=282):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="38000100cc582099d7d835c30f88083dd9891327a46f442c4fa59f49b12093b7ca86eb5f9c4dd5927ba57a5025d43031393f237f463c6cded9c9e2e60520a5424d7c13ad33f37a82009099c2dfc2483397d583be94da2b57403b0d1095eb6143b88f26c7199a9a788285c8a87a14de1d58ca5bcbad3bbbf56b26652c7b25163d6c82cc9a2f49dde4149a8755c2cae160e58635b5f9a14ae1ea2d5aa1888db986d7e95c25717a026a53a4fe279a6355", @ANYRES16=r4, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r2, @ANYBLOB], 0x1c}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r6}, 0x18)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r10, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x20, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xfc, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

30.563204492s ago: executing program 0 (id=286):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="50000000150019092dbd7000fddbdf250a182000", @ANYRES32, @ANYBLOB="140002"], 0x50}, 0x1, 0x0, 0x0, 0x80cf}, 0x400c040)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x468a, 0x4)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

29.95084074s ago: executing program 0 (id=290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
execveat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000003}, 0x94)
r3 = socket(0x10, 0x803, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x100000000, &(0x7f00000000c0))
set_robust_list(&(0x7f0000000140)={0x0, 0x1}, 0x18)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000014feb49500000000065200000a000000", @ANYRES32, @ANYBLOB="14000b00fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)

29.917810231s ago: executing program 33 (id=290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
execveat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000003}, 0x94)
r3 = socket(0x10, 0x803, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x100000000, &(0x7f00000000c0))
set_robust_list(&(0x7f0000000140)={0x0, 0x1}, 0x18)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000014feb49500000000065200000a000000", @ANYRES32, @ANYBLOB="14000b00fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)

5.952780964s ago: executing program 6 (id=568):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r2, 0x0, 0x7fffffffffffffff}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f00000003c0)='ramfs\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000280)=ANY=[], 0x24}}, 0x0)
setsockopt$sock_int(r4, 0x1, 0x46, &(0x7f0000000100)=0x1, 0x4)
inotify_add_watch(r3, &(0x7f0000000340)='./file1\x00', 0x25000210)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x4b, 0x2}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}})
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000005c00), r8)
sendmsg$BATADV_CMD_GET_GATEWAYS(r8, &(0x7f0000005d00)={0x0, 0x0, &(0x7f0000005cc0)={&(0x7f0000005c80)={0x1c, r9, 0x711, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0xf0ffff, 0x0, 0x4000084}, 0x10)
write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@nomblk_io_submit}, {@quota}, {@commit={'commit', 0x3d, 0x1}}, {@minixdf}, {@quota}, {@lazytime}, {@min_batch_time}], [{@appraise}]}, 0xff, 0x457, &(0x7f0000000f80)="$eJzs3MtvG8UfAPDvrpP8fumDhFIefQCB8qh4JE1aoAcuIJA4gIQEh3I0SVqVug1qjESrCgJC5YgqcUcckfgLONELAk5IXOHADVWqUC8tnIzW3m1s106T1IlL/flIG8/sjjXzzezYszu2AxhYE9mfJGJbRPwWEWONbGuBicbDtSvnZv++cm42iVrtrb+SermrV87NFkWL523NM/vTiPSzJPZ0qHfxzNkT5Upl/nSen6qefH9q8czZZ4+fLB+bPzZ/aubw4UMHp194fua5nsSZxXV190cLe3e99s6FN2aPXHj3p2+TIv62OHpkYqWDj9dqPa6uv7Y3pZOhPjaENSlFRNZdw/XxPxalWO68sXj10742DthQtVyXw0s14A6WRL9bAPRH8UafXf82ttLmTT5uA5dfalwAZbFfy7fGkaFI8zLDbde3vTQREUeW/vkq22Jj7kMAALT4Ppv/PNM8/yvmH2nc11TurnwNZTwi7o6IHRFxT0TsjIh7I+pl74+IB1Zb8Ujn3TfOf9JL6wpslbL534v52lbr/K+Y/cV4Kc9tr8c/nBw9Xpk/0Di2lP3J8tMr1HHxlV+/6Hasef6XbVn9xVwwb8elof/lydH8sVwt30LILS5/ErF7qFP8yfWVgCQidkXE7nXWcfypb/Z2O3bz+FfQg3Wm2tcRTzb6fyna4i8kK69PTv0/KvMHpprOijY//3L+zW7131L8PZD1/5aO5//1+MeT5vXaxbXXcf73z7te06zp/M/NlavlkeTterp4GfmwXK2eno4YSV5vNLp5/8zyc4t8UT6Lf/++zuN/Ryz/J/ZERHYSPxgRD0XEw3nbH4mIRyNi3wrx//jyY++tP/6NlcU/t6b+X06MRPuezonSiR++a6l0fC3xZ/1/qJ7an+/J+r/1Qwo3Wk271nc2AwAAwH9PGhHbIkknr6fTdHKy8Rn+nbElrSwsVp8+uvDBqbnGdwTGYzgt7nSNNd0Pnc4v64v8TFv+YH7f+MvSaD0/ObtQmet38DDgtnYZ/5k/B+ujQDCYfF8LBpfxD4PL+IfBZfzD4Oow/kf70Q5g83V6//84Ii4+0YfGAJuqbfxb9oMB4vofBpfxD4NrFeP/jzvr56qBiFgcjZt/Sb4XieLnVG48VIqNr12i54lIb4tmSGxQos8vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3ybwAAAP//zzzoMQ==")
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r11)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))

4.79503502s ago: executing program 6 (id=580):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r1, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
io_setup(0x1, &(0x7f00000012c0)=<r2=>0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x4000000000000000, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10)
ioprio_set$uid(0x3, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r3, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}])

4.717681232s ago: executing program 3 (id=582):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800614, &(0x7f0000000500), 0x3, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000000, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000200)={0x1d, r1}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r1, @ANYRES64=r0, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)

4.626784673s ago: executing program 4 (id=583):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x1000000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r0 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000002, 0x10012, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})

4.604017953s ago: executing program 2 (id=584):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x4, &(0x7f0000000140)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, 0x0, 0x0, 0x0, 0x3000000000000000}])

4.456020496s ago: executing program 4 (id=585):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r3, 0x0, 0x6}, 0x18)
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc)

4.433738056s ago: executing program 5 (id=586):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100006cc70000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0, 0x0, 0x10000000000}, 0x18)
socket$caif_stream(0x25, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f0000000380)=@in6={0xa, 0x0, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x100000}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000200)="80", 0x1}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="18000000000000008400000000000000620000000000010020000000000000008400000008"], 0x38}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300))
openat(0xffffffffffffff9c, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x183341, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000c00)

4.332739597s ago: executing program 2 (id=587):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x2084018, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xe}, 0x50)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {0xa}, {0xd}, {0x1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_bpf={0x2c, 0x17, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x9, 0x1}}]}, 0x68}}, 0x40)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r5, 0x0, 0x10000000000000}, 0x18)
open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x40)

4.14342131s ago: executing program 6 (id=588):
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f00000003c0)={@multicast1, @empty}, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0b00000005000000020000000400000005400000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100ff03850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xffff}, 0x18)
r4 = signalfd(r3, &(0x7f00000002c0)={[0x4f3]}, 0x8)
syz_genetlink_get_family_id$mptcp(&(0x7f00000003c0), r4)
sendmsg$NL80211_CMD_SET_MAC_ACL(r4, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="e056f2b3", @ANYRES16=0x0, @ANYBLOB="000826bd7000fbdbdf255d0000004000a6800a000600ffffffffffff00000a00060008021100000000000a000600ffffffffffff00000a00060008021100000100000a00060008021100000100000800a50000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x4810}, 0xc015)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000003019da500000000030000000000000068b848848d51763f76f5f19e65f84369e97b60daed3b32bbc2fe69c9aafe9ffc9f7c883a6af25ed5fbe5a57b3d216b64a6ea9af2fc4eebcc1e2d3827d31b5e331b67dd708d10177e1efe6b9fc3b86e46a2336b0fcaa25c170de3a5ff74d132044b92f44c4b4a3afa088cedcb1f8b3cdda669bfcd8ec543df142124d9cef15e6029b4f5e593c1266e7c6a6a96d2d453967a54f1dc6325eaa23782da3633adb0f7c8229decfad9388282a268238a99eba2a89166c1060dc890713ad315640c41147329cae64dee508f93432b2158479a2ae79ca44f3075bc7865aee1ade73f05f5", @ANYRES32=r0, @ANYBLOB="0000000000000000b7ff7f00000000007b8af8ff00000000bfa200000000000007020000f8ffe1cf426c44499f2c896a788c95ffffb703000008000000b7040000f6000000850000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0xffffffffffffffff}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08002a00a421"], 0x24}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)

4.1109473s ago: executing program 6 (id=589):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1d, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18) (async)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xd85}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xd85}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r6}, 0x10)
io_setup(0x8, &(0x7f0000000600)=<r7=>0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r7, 0x1, &(0x7f0000000080)=[0x0]) (async)
io_submit(r7, 0x1, &(0x7f0000000080)=[0x0])
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20) (async)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r8, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x800400, &(0x7f0000000040), 0xfe, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==") (async)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x800400, &(0x7f0000000040), 0xfe, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")
r9 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r9, 0xc0c0583b, &(0x7f0000000b00)=ANY=[@ANYBLOB="000000004c9002000000000003000100000000000000000000000000000000000000000000f00000000000000400000000000000000000000000000000faff00ffffffff0200000000000000000000000d00000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbffffff0000000002000000000200000400000000000000f9ffffffffffffff000000000000000000000000000000000000000002080000876f4c0155a8da0f990af94777435b4486dd39912bd23e01df94e0d92f842e22a1cdd6fc6e72d2574b33cd22190000000000000000"]) (async)
ioctl$FS_IOC_GETFSMAP(r9, 0xc0c0583b, &(0x7f0000000b00)=ANY=[@ANYBLOB="000000004c9002000000000003000100000000000000000000000000000000000000000000f00000000000000400000000000000000000000000000000faff00ffffffff0200000000000000000000000d00000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbffffff0000000002000000000200000400000000000000f9ffffffffffffff000000000000000000000000000000000000000002080000876f4c0155a8da0f990af94777435b4486dd39912bd23e01df94e0d92f842e22a1cdd6fc6e72d2574b33cd22190000000000000000"])
syz_emit_ethernet(0x56, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbbbbbbb3bbbaaaaaaaaaaaa86dd60f4adf700202c00fe80000000000000f2ff000000000000ff0200000000000000000000000000013c000000000000000502"], 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0) (async)
r10 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r11)
ptrace$getregset(0x4205, r11, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
socket$inet6(0xa, 0x4, 0x20000)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000140)={'ip_vti0\x00', &(0x7f0000000100)={'ip_vti0\x00', <r12=>0x0, 0x1, 0x700, 0x1, 0xfff, {{0x6, 0x4, 0x0, 0x9, 0x18, 0x68, 0x0, 0xf, 0x2f, 0x0, @private=0xa010102, @broadcast, {[@end]}}}}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r3, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0], <r13=>0x0, 0xc4, &(0x7f0000000540), 0x0, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x16, 0x4, &(0x7f00000009c0)=ANY=[@ANYRESOCT=r5], &(0x7f00000000c0)='GPL\x00', 0x7ffc, 0xcd, &(0x7f00000003c0)=""/205, 0x41100, 0x66, '\x00', r12, @flow_dissector, r3, 0x8, &(0x7f0000000200)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x3, 0x4, 0x101}, 0x10, r13, r0, 0x0, &(0x7f0000000840)=[r2], &(0x7f0000000880)}, 0x94)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000791028000000000069003a00000000009500740000000000", @ANYRESDEC], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/164, 0x0, 0x25, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff8f}, 0x48)

3.42313693s ago: executing program 4 (id=590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0xc, 0x4}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}]}}]}]}]}}]}, 0x70}}, 0x200400d4)

3.150824384s ago: executing program 2 (id=591):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000440)='sys_enter\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="2800000002010103000000000000000005000003fbff198008000100a00000000800020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x44080}, 0x4)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000003c0)={[{@noload}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@jqfmt_vfsold}, {@journal_dev={'journal_dev', 0x3d, 0x800}}, {@nobh}, {@inlinecrypt}, {@resgid}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000001880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000200000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4008040)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x238, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203}, 0x94)
r4 = socket$packet(0x11, 0x3, 0x300)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0x80, 0x2, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@CTA_EXPECT_HELP_NAME={0xe, 0x6, 'sip-20000\x00'}, @CTA_EXPECT_TUPLE={0x5c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4}, 0xc001)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1000}, 0x4)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
recvmmsg(r4, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/27, 0x1b}], 0x1}, 0x7}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x0, 0x0)
fallocate(r3, 0x0, 0xa20, 0x8000c64)
write$binfmt_elf64(r3, 0x0, 0x478)
pwritev2(r3, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)
membarrier(0x2, 0x0)

3.150028834s ago: executing program 4 (id=592):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, 0x0, 0x20000010)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket(0xa, 0x801, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x14, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x8, 0x0, 0x3, 0x1000}]})
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000d80)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000480)='mm_page_free\x00', r8}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

3.107110155s ago: executing program 5 (id=593):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80cf}, 0x400c040)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x468a, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
sendmsg$can_raw(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x1d, r2}, 0x10, &(0x7f0000000380)={&(0x7f00000002c0)=@can={{0x3, 0x0, 0x1}, 0x4, 0x2, 0x0, 0x0, "e3997e3df56fe25b"}, 0x10}, 0x1, 0x0, 0x0, 0x20000004}, 0x40)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r4, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x1000000})

2.691018811s ago: executing program 2 (id=594):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2(0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x20}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r3, 0x65, 0x5, &(0x7f0000000380)=0x1, 0x4)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_create(0x6, &(0x7f0000000240)={0x0, 0x35, 0x4, @tid=r6}, &(0x7f0000000280))
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x250000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000040), 0x2, 0x0)
readv(r9, &(0x7f00000013c0)=[{&(0x7f0000000080)=""/91, 0x5b}], 0x1)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000200)=0x3)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@gettfilter={0x34, 0x2e, 0x400, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x6, 0xfff1}, {0xffe0, 0x4}, {0x7, 0x5}}, [{0x8, 0xb, 0x10000}, {0x8, 0xb, 0xffffffc0}]}, 0x34}}, 0x4000090)
bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r1, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

2.373431305s ago: executing program 6 (id=595):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="50000000150019092dbd7000fddbdf250a182000", @ANYRES32, @ANYBLOB="140002"], 0x50}, 0x1, 0x0, 0x0, 0x80cf}, 0x400c040)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x468a, 0x4)
sendmsg$can_raw(r1, &(0x7f00000003c0)={&(0x7f0000000280), 0x10, &(0x7f0000000380)={&(0x7f00000002c0)=@can={{0x3, 0x0, 0x1}, 0x4, 0x2, 0x0, 0x0, "e3997e3df56fe25b"}, 0x10}, 0x1, 0x0, 0x0, 0x20000004}, 0x40)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r4, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x1000000})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_free\x00', 0xffffffffffffffff, 0x0, 0xfffffffff7fffffe}, 0xe)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x9fd8, 0x800, 0x3, 0x333}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)

1.917960352s ago: executing program 3 (id=596):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x1000000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
r0 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000002, 0x10012, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})

1.893371382s ago: executing program 5 (id=597):
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x2704, &(0x7f00000003c0)={0x0, 0x19, 0x2c84, 0x0, 0x136}, &(0x7f0000ff0000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000002000000000000000018118000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff9b)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r4}, 0x18)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x5}, 0x2, 0x0, 0x4, 0x0, 0x2, 0x2, 0x7, 0x0, 0x0, 0x0, 0xc0}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
open(&(0x7f0000000240)='./file0\x00', 0x145142, 0x14)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)

1.751239354s ago: executing program 2 (id=598):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0xca9a3b00000000, &(0x7f0000001100)={0x77359400}, 0x1)

1.734394204s ago: executing program 4 (id=599):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e400000000000000000500010006000000"], 0x4c}}, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000002016200000c"], 0x28}], 0x1}, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0xf5587fcdd4d192df}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x4}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x8c}, 0x1, 0x0, 0x0, 0x44000}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r8}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x60, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.709353124s ago: executing program 3 (id=600):
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x5}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3e0, 0x3d8, 0x3d8, 0x3e0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x200000, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x80, 0x0}, 'virt_wifi0\x00', {0x6dbf}}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x4, 0x1}, {0xffffffffffffffff, 0x3, 0x6}, 0x5, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)

1.558433677s ago: executing program 3 (id=601):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000006, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000180)="2e00000011008b88040f80ec59acbc0413a1f8480f0000005e2900421803001825000a001400000002800000121f", 0x2e}], 0x1}, 0x40800)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x44000)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, 0x0, 0x0)
write(r3, &(0x7f00000004c0)="330000001a005f0214f9f407000904001f000000ff00000000000000c8e7fe37ffbfd0f626a5b0a28aa5ff1e86dc9eeab25e53e32d1d439586a1123a457334f4c64284552b17acdeefdef0491f32fd1f6418e3389867aa1798bd48f32bc56f813bf92cae08d916308e6aefc5f399cffa92501470628ec735b3c7370c827e871ae008ab0c9582a7a12a7b38a22299bdb9585718dff4440d86fe853c179d395d549e6a3ce7cf14654c45c0c34fde1e70f8f787c189c3a021cd51fb26754dfed03fb27ee712ce607213801366a9324f56784c46370ba5d28ce4", 0xd8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x1c, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0xfffffffd}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208000, 0x0)
recvmmsg(r3, &(0x7f0000003bc0), 0x0, 0x2000a002, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r6, 0x0, 0x5, &(0x7f0000000240)={@local, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x60800, 0x0)
sendfile(r7, r8, 0x0, 0x1000000000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffff9}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

999.162105ms ago: executing program 5 (id=602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0xc, 0x4}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}]}}]}]}]}}]}, 0x70}}, 0x200400d4)

998.138525ms ago: executing program 6 (id=603):
mknod(0x0, 0x8001420, 0x0)
open(0x0, 0xa5941, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
getresuid(&(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000400), 0x0)
mount$9p_rdma(&(0x7f00000002c0), 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e22,rq=0x000000000000007c,posixacl,sq=0x00000000000007ff,timeout=0x000000000000000b,fowner>', @ANYRESDEC=r4, @ANYBLOB="f132af"])
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2, &(0x7f0000000a00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',privport,aname=kfree\x00,aname=\x00,rootcontext=sysadm_u,smackfshat=@*,obj_role=\x00,uid>', @ANYRESDEC=r4, @ANYBLOB="2c6f622a5f7473b5aa97823447d7066be7fecf3421f96b25723d002c00"])
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000300)={@dev={0xfe, 0x80, '\x00', 0xe}, @dev={0xfe, 0x80, '\x00', 0x2f}, @remote, 0x8, 0x3, 0x0, 0x500, 0x400, 0xd30112})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r8 = socket$inet(0x2, 0xa, 0x1)
ioctl$sock_inet_SIOCADDRT(r8, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e21, @rand_addr=0x640100fe}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, {0x2, 0x4e22, @local}, 0x114, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x8, 0xffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000024463923cb7700bf000000207b1af8d900000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100"/83, @ANYRES32=r7, @ANYBLOB="0500000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_DISASSOCIATE(r3, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000800)=ANY=[@ANYRES16=r6, @ANYBLOB="00042bbd7000fbdbdf25280000000a00340002020202020200000a00340001010101010100000a003427041868755470c721430001010101010100005e79940e38da6c93663838f8e7"], 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x2000c080)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x5, [0x0, 0x0, <r10=>0x0, 0x0, 0x0]}, &(0x7f0000000340)=0x18)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f0000000380)={r10, 0xa43}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000740)={r10, 0x62c2}, &(0x7f0000000780)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
close(r11)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xf, 0xc, &(0x7f00000034c0))

861.951047ms ago: executing program 2 (id=604):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) (async)
unshare(0x2a020400)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20081e, &(0x7f00000001c0)={[{@errors_remount}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7}}, {@noauto_da_alloc}]}, 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==") (async)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x30)
ioctl$EXT4_IOC_MIGRATE(r2, 0x6609)

852.753187ms ago: executing program 5 (id=605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = socket$inet6(0xa, 0x6, 0x2)
accept(r1, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@call={0x85, 0x0, 0x0, 0x67}, @alu={0x4, 0x1, 0x8, 0xa, 0x0, 0x0, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @generic={0x1, 0x2, 0xe, 0x8d}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xfffffff9}]}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x28, &(0x7f0000000280)=""/40, 0x41100, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0xa, 0x7, 0x3}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000500)=[0xffffffffffffffff, r0, r0], &(0x7f0000000540)=[{0x3, 0x4, 0xe, 0x2}], 0x10, 0xfff}, 0x94)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
writev(r2, &(0x7f0000000340)=[{&(0x7f0000002500)='\f7', 0x2}, {&(0x7f0000000000)='0', 0x1}], 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x11, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000600000000000000ffffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000800bf09000000002000550000000095000000000000001840000000000000b7020000010000008500000084000000b7000084000000009500"/112], &(0x7f0000000580)='GPL\x00', 0x150, 0xffd, &(0x7f0000000f80)=""/4093, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x3, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000305000100070000000900020073797a3000000600000000000500050002000000050004000000000015000300686172740100"/84], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000940)='rpcgss_context\x00', r3, 0x0, 0x1000020}, 0x18)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
r6 = openat$pidfd(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
pidfd_send_signal(r6, 0x0, &(0x7f00000000c0)={0x5, 0x0, 0x7}, 0x0)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000840)={0x2, 0x0, @local}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000040)="0047fe42ed6da3b300", 0x9}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000400)=ANY=[], 0x40}, 0x20000050)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)

544.388411ms ago: executing program 5 (id=606):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800614, &(0x7f0000000500), 0x3, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000000, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000200)={0x1d, r1}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r1, @ANYRES64=r0, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)

77.352658ms ago: executing program 4 (id=607):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80cf}, 0x400c040)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x468a, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
sendmsg$can_raw(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x1d, r2}, 0x10, &(0x7f0000000380)={&(0x7f00000002c0)=@can={{0x3, 0x0, 0x1}, 0x4, 0x2, 0x0, 0x0, "e3997e3df56fe25b"}, 0x10}, 0x1, 0x0, 0x0, 0x20000004}, 0x40)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r4, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x1000000})

23.239859ms ago: executing program 3 (id=608):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000a40)='GPL\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x5}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3e0, 0x3d8, 0x3d8, 0x3e0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x200000, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x80, 0x0}, 'virt_wifi0\x00', {0x6dbf}}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x4, 0x1}, {0xffffffffffffffff, 0x3, 0x6}, 0x5, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)

0s ago: executing program 3 (id=609):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, 0x0, 0x20000010)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket(0xa, 0x801, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x14, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x8, 0x0, 0x3, 0x1000}]})
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000d80)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000480)='mm_page_free\x00', r8}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

kernel console output (not intermixed with test programs):

 #16: comm syz.2.187: corrupted inode contents
[   37.659044][ T4070] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.187: mark_inode_dirty error
[   37.753947][ T4070] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.187: corrupted inode contents
[   37.800837][ T4070] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.187: mark_inode_dirty error
[   37.823542][ T4070] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.187: corrupted inode contents
[   37.836142][ T4070] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   37.845635][ T4070] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.187: corrupted inode contents
[   37.859126][ T4070] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.187: mark_inode_dirty error
[   37.870528][ T4070] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   37.880949][ T4070] EXT4-fs (loop2): 1 truncate cleaned up
[   37.886971][ T4070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.893197][ T4083] syzkaller1: entered promiscuous mode
[   37.904934][ T4070] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.904954][ T4083] syzkaller1: entered allmulticast mode
[   37.942624][ T4086] loop3: detected capacity change from 0 to 512
[   37.973692][ T4086] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.192: bg 0: block 5: invalid block bitmap
[   37.987032][ T4086] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   37.995989][ T4086] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.192: invalid indirect mapped block 3 (level 2)
[   38.011282][ T4086] EXT4-fs (loop3): 2 truncates cleaned up
[   38.017593][ T4086] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.047082][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.073515][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.234923][ T4107] loop0: detected capacity change from 0 to 8192
[   38.321724][ T4109] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4109 comm=syz.0.199
[   38.334140][ T4109] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4109 comm=syz.0.199
[   38.364770][ T4111] loop4: detected capacity change from 0 to 512
[   38.371641][ T4111] EXT4-fs: Ignoring removed i_version option
[   38.379797][ T4111] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   38.399698][ T4111] EXT4-fs (loop4): orphan cleanup on readonly fs
[   38.406639][ T4113] syz.0.201: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   38.421329][ T4113] CPU: 0 UID: 0 PID: 4113 Comm: syz.0.201 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   38.421426][ T4113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   38.421436][ T4113] Call Trace:
[   38.421442][ T4113]  <TASK>
[   38.421451][ T4113]  __dump_stack+0x1d/0x30
[   38.421520][ T4113]  dump_stack_lvl+0xe8/0x140
[   38.421540][ T4113]  dump_stack+0x15/0x1b
[   38.421555][ T4113]  warn_alloc+0x12b/0x1a0
[   38.421583][ T4113]  ? audit_log_end+0x1d7/0x1f0
[   38.421615][ T4113]  ? audit_log_end+0x1d7/0x1f0
[   38.421642][ T4113]  __vmalloc_node_range_noprof+0x9c/0xe00
[   38.421694][ T4113]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   38.421723][ T4113]  ? slow_avc_audit+0x104/0x140
[   38.421747][ T4113]  ? should_fail_ex+0x30/0x280
[   38.421836][ T4113]  ? xskq_create+0x36/0xe0
[   38.421860][ T4113]  vmalloc_user_noprof+0x7d/0xb0
[   38.421888][ T4113]  ? xskq_create+0x80/0xe0
[   38.421910][ T4113]  xskq_create+0x80/0xe0
[   38.421944][ T4113]  xsk_init_queue+0x95/0xf0
[   38.421962][ T4113]  xsk_setsockopt+0x35c/0x510
[   38.421979][ T4113]  ? __pfx_xsk_setsockopt+0x10/0x10
[   38.421998][ T4113]  __sys_setsockopt+0x181/0x200
[   38.422030][ T4113]  ? __secure_computing+0x82/0x150
[   38.422173][ T4113]  __x64_sys_setsockopt+0x64/0x80
[   38.422204][ T4113]  x64_sys_call+0x2bd5/0x2fb0
[   38.422226][ T4113]  do_syscall_64+0xd2/0x200
[   38.422301][ T4113]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.422324][ T4113]  ? clear_bhb_loop+0x40/0x90
[   38.422351][ T4113]  ? clear_bhb_loop+0x40/0x90
[   38.422374][ T4113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.422392][ T4113] RIP: 0033:0x7faf0e7ee929
[   38.422405][ T4113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.422421][ T4113] RSP: 002b:00007faf0ce57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   38.422449][ T4113] RAX: ffffffffffffffda RBX: 00007faf0ea15fa0 RCX: 00007faf0e7ee929
[   38.422459][ T4113] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[   38.422470][ T4113] RBP: 00007faf0e870b39 R08: 0000000000000004 R09: 0000000000000000
[   38.422480][ T4113] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   38.422493][ T4113] R13: 0000000000000000 R14: 00007faf0ea15fa0 R15: 00007ffc2ae64c58
[   38.422514][ T4113]  </TASK>
[   38.422529][ T4113] Mem-Info:
[   38.440348][ T4111] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.200: bg 0: block 248: padding at end of block bitmap is not set
[   38.443199][ T4113] active_anon:7476 inactive_anon:3 isolated_anon:0
[   38.443199][ T4113]  active_file:6064 inactive_file:2398 isolated_file:0
[   38.443199][ T4113]  unevictable:0 dirty:1542 writeback:0
[   38.443199][ T4113]  slab_reclaimable:3000 slab_unreclaimable:15157
[   38.443199][ T4113]  mapped:29763 shmem:230 pagetables:1126
[   38.443199][ T4113]  sec_pagetables:0 bounce:0
[   38.443199][ T4113]  kernel_misc_reclaimable:0
[   38.443199][ T4113]  free:1889675 free_pcp:14757 free_cma:0
[   38.447624][ T4111] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.200: Failed to acquire dquot type 1
[   38.449404][ T4113] Node 0 active_anon:29904kB inactive_anon:12kB active_file:24256kB inactive_file:9592kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119052kB dirty:6168kB writeback:0kB shmem:920kB writeback_tmp:0kB kernel_stack:3456kB pagetables:4504kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   38.551435][ T4111] EXT4-fs (loop4): 1 truncate cleaned up
[   38.554306][ T4113] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   38.760249][ T4113] lowmem_reserve[]: 0 2882 7860 7860
[   38.760275][ T4113] Node 0 DMA32 free:2947832kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951360kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   38.760411][ T4113] lowmem_reserve[]: 0 0 4978 4978
[   38.760437][ T4113] Node 0 Normal free:4595408kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30120kB inactive_anon:12kB active_file:24256kB inactive_file:9540kB unevictable:0kB writepending:6144kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:55324kB local_pcp:29900kB free_cma:0kB
[   38.839349][ T4118] loop1: detected capacity change from 0 to 2048
[   38.861656][ T4113] lowmem_reserve[]: 0 0 0 0
[   38.861690][ T4113] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   38.885438][ T4113] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 5*16kB (M) 2*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947832kB
[   38.901656][ T4113] Node 0 Normal: 1*4kB (M) 2*8kB (UE) 2*16kB (ME) 3*32kB (UME) 1*64kB (E) 0*128kB 1*256kB (M) 6*512kB (UM) 4*1024kB (UME) 8*2048kB (UME) 1116*4096kB (M) = 4595156kB
[   38.918686][ T4113] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   38.928128][ T4113] 8707 total pagecache pages
[   38.932725][ T4113] 3 pages in swap cache
[   38.936954][ T4113] Free swap  = 124984kB
[   38.941127][ T4113] Total swap = 124996kB
[   38.945282][ T4113] 2097051 pages RAM
[   38.949143][ T4113] 0 pages HighMem/MovableOnly
[   38.953814][ T4113] 80811 pages reserved
[   38.959097][ T4111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.979200][ T4111] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   38.994360][ T4118] Cannot find add_set index 0 as target
[   39.000711][ T4111] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   39.017077][ T4111] ext4 filesystem being remounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   39.035268][ T4123] loop3: detected capacity change from 0 to 1024
[   39.059204][ T4127] __nla_validate_parse: 9 callbacks suppressed
[   39.059217][ T4127] netlink: 36 bytes leftover after parsing attributes in process `syz.0.206'.
[   39.091905][ T4123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.105980][ T4127] loop0: detected capacity change from 0 to 1024
[   39.115503][ T4131] loop2: detected capacity change from 0 to 1024
[   39.115821][ T4127] EXT4-fs: Ignoring removed orlov option
[   39.134132][ T4131] EXT4-fs: Ignoring removed bh option
[   39.144156][ T4132] syzkaller1: entered promiscuous mode
[   39.149721][ T4132] syzkaller1: entered allmulticast mode
[   39.161274][ T4127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.262519][ T4111] syz.4.200 (4111) used greatest stack depth: 9304 bytes left
[   39.285140][ T4125] netlink: 24 bytes leftover after parsing attributes in process `GPL'.
[   39.295084][ T4131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.298531][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.316433][ T4131] capability: warning: `syz.2.207' uses deprecated v2 capabilities in a way that may be insecure
[   39.318005][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.327895][ T4131] program syz.2.207 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   39.365390][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.474592][ T4153] loop2: detected capacity change from 0 to 128
[   39.481818][ T4150] netlink: 32 bytes leftover after parsing attributes in process `syz.3.212'.
[   39.495782][ T4153] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   39.508992][ T4153] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   39.526369][ T4154] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.556494][ T4154] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.575087][ T4159] loop3: detected capacity change from 0 to 2048
[   39.607914][ T4159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.669525][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.721041][ T4170] loop3: detected capacity change from 0 to 164
[   39.735901][ T4170] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   39.745529][ T4170] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   39.754146][ T4170] Symlink component flag not implemented
[   39.759826][ T4170] Symlink component flag not implemented
[   39.766610][ T4170] Symlink component flag not implemented (7)
[   39.772652][ T4170] Symlink component flag not implemented (116)
[   39.777818][ T4177] loop2: detected capacity change from 0 to 128
[   39.786092][ T4177] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   39.803649][ T4177] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   39.821683][ T4177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.220'.
[   39.901644][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.902326][ T4179] syzkaller1: entered promiscuous mode
[   39.916212][ T4179] syzkaller1: entered allmulticast mode
[   40.002777][ T4182] netlink: 24 bytes leftover after parsing attributes in process `GPL'.
[   40.073738][ T4181] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4181 comm=syz.0.222
[   40.086180][ T4181] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4181 comm=syz.0.222
[   40.091368][ T4188] loop2: detected capacity change from 0 to 4096
[   40.112017][ T4191] loop3: detected capacity change from 0 to 128
[   40.123931][ T4191] FAT-fs (loop3): Directory bread(block 162) failed
[   40.139224][ T4191] FAT-fs (loop3): Directory bread(block 163) failed
[   40.141458][ T4194] loop0: detected capacity change from 0 to 128
[   40.145900][ T4191] FAT-fs (loop3): Directory bread(block 164) failed
[   40.152896][ T4188] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.158862][ T4191] FAT-fs (loop3): Directory bread(block 165) failed
[   40.177852][ T4191] FAT-fs (loop3): Directory bread(block 166) failed
[   40.184677][ T4191] FAT-fs (loop3): Directory bread(block 167) failed
[   40.191431][ T4191] FAT-fs (loop3): Directory bread(block 168) failed
[   40.198067][ T4191] FAT-fs (loop3): Directory bread(block 169) failed
[   40.205305][ T4194] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   40.248373][ T4191] netlink: 36 bytes leftover after parsing attributes in process `syz.3.225'.
[   40.252824][ T4194] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   40.257256][ T4191] netlink: 16 bytes leftover after parsing attributes in process `syz.3.225'.
[   40.257286][ T4191] netlink: 36 bytes leftover after parsing attributes in process `syz.3.225'.
[   40.284782][ T4191] netlink: 36 bytes leftover after parsing attributes in process `syz.3.225'.
[   40.309438][ T4198] loop4: detected capacity change from 0 to 2048
[   40.331006][ T4198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.357906][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.383029][ T4203] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   40.422823][ T4208] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   40.429233][ T4208] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   40.437153][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.438810][ T4208] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   40.452498][ T4208] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   40.465831][ T4208] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   40.472223][ T4208] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   40.480273][ T4211] netlink: 36 bytes leftover after parsing attributes in process `syz.0.232'.
[   40.482586][ T4208] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   40.495508][ T4208] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   40.516581][ T4211] loop0: detected capacity change from 0 to 1024
[   40.517177][ T4208] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   40.526808][ T4211] EXT4-fs: Ignoring removed orlov option
[   40.529279][ T4208] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   40.551857][ T4211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.591643][ T4218] FAULT_INJECTION: forcing a failure.
[   40.591643][ T4218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.604758][ T4218] CPU: 1 UID: 0 PID: 4218 Comm: syz.4.233 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   40.604785][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.604796][ T4218] Call Trace:
[   40.604804][ T4218]  <TASK>
[   40.604832][ T4218]  __dump_stack+0x1d/0x30
[   40.604922][ T4218]  dump_stack_lvl+0xe8/0x140
[   40.604942][ T4218]  dump_stack+0x15/0x1b
[   40.604959][ T4218]  should_fail_ex+0x265/0x280
[   40.605019][ T4218]  should_fail+0xb/0x20
[   40.605044][ T4218]  should_fail_usercopy+0x1a/0x20
[   40.605101][ T4218]  _copy_from_iter+0xcf/0xe40
[   40.605132][ T4218]  ? mntput+0x4b/0x80
[   40.605155][ T4218]  ? terminate_walk+0x27f/0x2a0
[   40.605205][ T4218]  tun_get_user+0x144/0x2500
[   40.605237][ T4218]  ? ref_tracker_alloc+0x1f2/0x2f0
[   40.605266][ T4218]  ? selinux_file_permission+0x1e4/0x320
[   40.605289][ T4218]  tun_chr_write_iter+0x15e/0x210
[   40.605313][ T4218]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   40.605396][ T4218]  vfs_write+0x49d/0x8e0
[   40.605501][ T4218]  ksys_write+0xda/0x1a0
[   40.605531][ T4218]  __x64_sys_write+0x40/0x50
[   40.605568][ T4218]  x64_sys_call+0x2cdd/0x2fb0
[   40.605596][ T4218]  do_syscall_64+0xd2/0x200
[   40.605625][ T4218]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.605650][ T4218]  ? clear_bhb_loop+0x40/0x90
[   40.605691][ T4218]  ? clear_bhb_loop+0x40/0x90
[   40.605730][ T4218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.605751][ T4218] RIP: 0033:0x7fa9b89de929
[   40.605766][ T4218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.605782][ T4218] RSP: 002b:00007fa9b7047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   40.605801][ T4218] RAX: ffffffffffffffda RBX: 00007fa9b8c05fa0 RCX: 00007fa9b89de929
[   40.605814][ T4218] RDX: 00000000000000d2 RSI: 0000200000000480 RDI: 0000000000000004
[   40.605908][ T4218] RBP: 00007fa9b7047090 R08: 0000000000000000 R09: 0000000000000000
[   40.605967][ T4218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.605979][ T4218] R13: 0000000000000000 R14: 00007fa9b8c05fa0 R15: 00007ffcf6683ae8
[   40.605998][ T4218]  </TASK>
[   40.835148][ T4220] lo speed is unknown, defaulting to 1000
[   40.840972][ T4220] lo speed is unknown, defaulting to 1000
[   40.846967][ T4220] lo speed is unknown, defaulting to 1000
[   40.854229][ T4220] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   40.865593][ T4220] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   40.903997][ T4220] lo speed is unknown, defaulting to 1000
[   40.943714][ T4231] loop3: detected capacity change from 0 to 128
[   40.954015][ T4220] lo speed is unknown, defaulting to 1000
[   40.960099][ T4220] lo speed is unknown, defaulting to 1000
[   40.966319][ T4220] lo speed is unknown, defaulting to 1000
[   40.972524][ T4220] lo speed is unknown, defaulting to 1000
[   40.978368][ T4231] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   40.993503][ T4231] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.001230][ T4228] syzkaller1: entered promiscuous mode
[   41.008097][ T4228] syzkaller1: entered allmulticast mode
[   41.052678][ T4230] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4230 comm=syz.4.237
[   41.065116][ T4230] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4230 comm=syz.4.237
[   41.105580][ T4235] loop2: detected capacity change from 0 to 512
[   41.115364][ T4235] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   41.127544][ T4235] EXT4-fs (loop2): 1 truncate cleaned up
[   41.133657][ T4235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.147947][   T63] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.157881][ T4235] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.193928][ T4239] IPv6: Can't replace route, no match found
[   41.247264][ T4248] loop1: detected capacity change from 0 to 128
[   41.255650][ T4248] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   41.269992][ T4248] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.289589][ T4246] loop3: detected capacity change from 0 to 8192
[   41.306697][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.419733][ T4255] sd 0:0:1:0: device reset
[   41.425274][ T4259] FAULT_INJECTION: forcing a failure.
[   41.425274][ T4259] name failslab, interval 1, probability 0, space 0, times 0
[   41.438245][ T4259] CPU: 1 UID: 0 PID: 4259 Comm: syz.0.244 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   41.438394][ T4259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.438406][ T4259] Call Trace:
[   41.438411][ T4259]  <TASK>
[   41.438417][ T4259]  __dump_stack+0x1d/0x30
[   41.438437][ T4259]  dump_stack_lvl+0xe8/0x140
[   41.438463][ T4259]  dump_stack+0x15/0x1b
[   41.438476][ T4259]  should_fail_ex+0x265/0x280
[   41.438509][ T4259]  should_failslab+0x8c/0xb0
[   41.438532][ T4259]  __kmalloc_noprof+0xa5/0x3e0
[   41.438554][ T4259]  ? unregister_netdevice_many_notify+0x4cf/0x1690
[   41.438636][ T4259]  ? unlist_netdevice+0x2cc/0x320
[   41.438653][ T4259]  unregister_netdevice_many_notify+0x4cf/0x1690
[   41.438744][ T4259]  ? __rcu_read_unlock+0x4f/0x70
[   41.438758][ T4259]  unregister_netdevice_queue+0x1f5/0x220
[   41.438776][ T4259]  unregister_netdev+0xb3/0xe0
[   41.438870][ T4259]  slip_close+0xe4/0x100
[   41.438903][ T4259]  ? __pfx_slip_close+0x10/0x10
[   41.438914][ T4259]  tty_ldisc_close+0x74/0xa0
[   41.438929][ T4259]  tty_set_ldisc+0x1b9/0x380
[   41.439017][ T4259]  tiocsetd+0x51/0x60
[   41.439063][ T4259]  tty_ioctl+0xa7f/0xb80
[   41.439078][ T4259]  ? __pfx_tty_ioctl+0x10/0x10
[   41.439169][ T4259]  __se_sys_ioctl+0xcb/0x140
[   41.439189][ T4259]  __x64_sys_ioctl+0x43/0x50
[   41.439206][ T4259]  x64_sys_call+0x19a8/0x2fb0
[   41.439218][ T4259]  do_syscall_64+0xd2/0x200
[   41.439311][ T4259]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.439358][ T4259]  ? clear_bhb_loop+0x40/0x90
[   41.439377][ T4259]  ? clear_bhb_loop+0x40/0x90
[   41.439389][ T4259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.439400][ T4259] RIP: 0033:0x7faf0e7ee929
[   41.439409][ T4259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.439419][ T4259] RSP: 002b:00007faf0ce57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   41.439507][ T4259] RAX: ffffffffffffffda RBX: 00007faf0ea15fa0 RCX: 00007faf0e7ee929
[   41.439566][ T4259] RDX: 0000200000000100 RSI: 0000000000005423 RDI: 0000000000000003
[   41.439573][ T4259] RBP: 00007faf0ce57090 R08: 0000000000000000 R09: 0000000000000000
[   41.439579][ T4259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.439586][ T4259] R13: 0000000000000000 R14: 00007faf0ea15fa0 R15: 00007ffc2ae64c58
[   41.439597][ T4259]  </TASK>
[   41.686093][ T4255] loop2: detected capacity change from 0 to 512
[   41.737785][ T4265] loop0: detected capacity change from 0 to 512
[   41.744154][ T4259] Falling back ldisc for ttyS3.
[   41.757213][ T4255] EXT4-fs (loop2): too many log groups per flexible block group
[   41.765055][ T4255] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   41.777310][ T4255] EXT4-fs (loop2): mount failed
[   41.787576][ T4276] loop1: detected capacity change from 0 to 512
[   41.809619][ T4276] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.819915][ T4265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.854068][ T4265] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.879326][ T4285] 9pnet_fd: Insufficient options for proto=fd
[   41.911915][ T4276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.924620][ T4266] loop4: detected capacity change from 0 to 8192
[   41.938706][ T4276] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.960501][ T4266] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   41.978168][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.991721][ T4276] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.250: corrupted xattr block 19: overlapping e_value 
[   42.005848][ T4276] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   42.019910][ T4276] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.250: corrupted xattr block 19: overlapping e_value 
[   42.041085][ T4276] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   42.051580][ T4276] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.250: corrupted xattr block 19: overlapping e_value 
[   42.123283][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.183474][ T4310] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4310 comm=syz.3.252
[   42.188875][ T4306] syzkaller1: entered promiscuous mode
[   42.195905][ T4310] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4310 comm=syz.3.252
[   42.201319][ T4306] syzkaller1: entered allmulticast mode
[   42.240500][ T4314] loop4: detected capacity change from 0 to 1024
[   42.268394][ T4314] EXT4-fs: Ignoring removed orlov option
[   42.340073][ T4314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.389675][   T29] kauditd_printk_skb: 132 callbacks suppressed
[   42.389689][   T29] audit: type=1400 audit(1751903848.834:836): avc:  denied  { bind } for  pid=4320 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   42.412328][ T4319] loop1: detected capacity change from 0 to 8192
[   42.422123][   T29] audit: type=1400 audit(1751903848.864:837): avc:  denied  { read } for  pid=4320 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   42.452887][ T4319] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   42.497748][ T4325] syzkaller1: entered promiscuous mode
[   42.503309][ T4325] syzkaller1: entered allmulticast mode
[   42.523847][ T4323] loop2: detected capacity change from 0 to 512
[   42.531275][ T4328] loop3: detected capacity change from 0 to 1024
[   42.544450][ T4323] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   42.550286][ T4328] EXT4-fs: Ignoring removed orlov option
[   42.564782][ T4331] loop1: detected capacity change from 0 to 128
[   42.580671][ T4323] EXT4-fs (loop2): 1 truncate cleaned up
[   42.586574][ T4323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.600202][ T4328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.600350][ T4331] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   42.622253][ T4323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.635420][ T4331] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   42.676433][ T4334] loop0: detected capacity change from 0 to 2048
[   42.707814][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.729599][   T29] audit: type=1326 audit(1751903849.174:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.790461][   T29] audit: type=1326 audit(1751903849.174:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.813748][   T29] audit: type=1326 audit(1751903849.174:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.837156][   T29] audit: type=1326 audit(1751903849.174:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.860339][   T29] audit: type=1326 audit(1751903849.174:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.883664][   T29] audit: type=1326 audit(1751903849.204:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.906893][   T29] audit: type=1326 audit(1751903849.204:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.930138][   T29] audit: type=1326 audit(1751903849.204:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.1.262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2613d2e929 code=0x7ffc0000
[   42.996820][ T4354] loop3: detected capacity change from 0 to 512
[   43.006009][ T4354] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.022373][ T4354] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.266: invalid indirect mapped block 4294967295 (level 1)
[   43.022418][ T4355] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4355 comm=syz.1.265
[   43.048686][ T4355] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4355 comm=syz.1.265
[   43.069164][ T4354] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.266: invalid indirect mapped block 4294967295 (level 1)
[   43.084183][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.091625][ T4354] EXT4-fs (loop3): 2 truncates cleaned up
[   43.099455][ T4354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.154901][ T4360] loop4: detected capacity change from 0 to 4096
[   43.169038][ T4360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.217134][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.260453][ T4368] loop0: detected capacity change from 0 to 1024
[   43.267748][ T4370] loop1: detected capacity change from 0 to 512
[   43.269303][ T4368] EXT4-fs: Ignoring removed orlov option
[   43.275148][ T4370] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   43.307511][ T4368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.322882][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.335415][ T4370] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   43.366356][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.375710][ T4373] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   43.384101][ T4377] loop3: detected capacity change from 0 to 128
[   43.388128][ T4370] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.402651][ T4373] loop4: detected capacity change from 0 to 2048
[   43.428573][ T4377] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   43.446066][ T4377] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   43.481732][ T3527]  loop4: p2 p3 p7
[   43.520999][ T4381] loop0: detected capacity change from 0 to 512
[   43.531844][ T4373]  loop4: p2 p3 p7
[   43.546759][ T4381] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   43.551093][ T4370] lo speed is unknown, defaulting to 1000
[   43.590935][ T4385] loop3: detected capacity change from 0 to 1024
[   43.599078][ T4381] EXT4-fs (loop0): 1 truncate cleaned up
[   43.637534][ T4385] EXT4-fs: Ignoring removed orlov option
[   43.643689][ T4381] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.684860][ T4385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.699649][ T3527] udevd[3527]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   43.699912][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   43.713605][ T3513] udevd[3513]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   43.732989][ T4381] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.841288][ T4395] loop0: detected capacity change from 0 to 1024
[   43.852203][ T4387] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   43.865698][ T4396] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4396 comm=syz.4.280
[   43.878220][ T4396] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4396 comm=syz.4.280
[   43.922668][ T4395] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.973389][   T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.006995][ T3307] EXT4-fs error (device loop0): ext4_lookup:1791: inode #12: comm syz-executor: deleted inode referenced: 11
[   44.013106][ T4406] loop4: detected capacity change from 0 to 512
[   44.028795][ T3307] EXT4-fs error (device loop0): ext4_lookup:1791: inode #12: comm syz-executor: deleted inode referenced: 11
[   44.066772][   T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.067037][ T4406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.112598][ T4406] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.128301][   T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.139103][ T4406] FAULT_INJECTION: forcing a failure.
[   44.139103][ T4406] name failslab, interval 1, probability 0, space 0, times 0
[   44.151968][ T4406] CPU: 1 UID: 0 PID: 4406 Comm: syz.4.285 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   44.151992][ T4406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   44.152059][ T4406] Call Trace:
[   44.152067][ T4406]  <TASK>
[   44.152075][ T4406]  __dump_stack+0x1d/0x30
[   44.152098][ T4406]  dump_stack_lvl+0xe8/0x140
[   44.152115][ T4406]  dump_stack+0x15/0x1b
[   44.152136][ T4406]  should_fail_ex+0x265/0x280
[   44.152240][ T4406]  should_failslab+0x8c/0xb0
[   44.152328][ T4406]  __kmalloc_node_noprof+0xa9/0x410
[   44.152379][ T4406]  ? alloc_slab_obj_exts+0x31/0x80
[   44.152404][ T4406]  alloc_slab_obj_exts+0x31/0x80
[   44.152428][ T4406]  __memcg_slab_post_alloc_hook+0x23f/0x580
[   44.152461][ T4406]  kmem_cache_alloc_lru_noprof+0x229/0x310
[   44.152517][ T4406]  ? __d_alloc+0x3d/0x350
[   44.152539][ T4406]  __d_alloc+0x3d/0x350
[   44.152557][ T4406]  d_alloc_parallel+0x53/0xc40
[   44.152646][ T4406]  ? __rcu_read_unlock+0x4f/0x70
[   44.152725][ T4406]  ? __d_lookup+0x316/0x340
[   44.152744][ T4406]  ? try_to_unlazy+0x25e/0x3a0
[   44.152765][ T4406]  path_openat+0x6b5/0x2170
[   44.152797][ T4406]  ? _parse_integer_limit+0x170/0x190
[   44.152893][ T4406]  do_filp_open+0x109/0x230
[   44.152921][ T4406]  do_open_execat+0xd8/0x260
[   44.152977][ T4406]  alloc_bprm+0x25/0x350
[   44.152994][ T4406]  do_execveat_common+0x12e/0x750
[   44.153012][ T4406]  __x64_sys_execve+0x5c/0x70
[   44.153064][ T4406]  x64_sys_call+0x13ab/0x2fb0
[   44.153076][ T4406]  do_syscall_64+0xd2/0x200
[   44.153096][ T4406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   44.153110][ T4406]  ? clear_bhb_loop+0x40/0x90
[   44.153188][ T4406]  ? clear_bhb_loop+0x40/0x90
[   44.153207][ T4406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.153335][ T4406] RIP: 0033:0x7fa9b89de929
[   44.153345][ T4406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.153355][ T4406] RSP: 002b:00007fa9b7047038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   44.153367][ T4406] RAX: ffffffffffffffda RBX: 00007fa9b8c05fa0 RCX: 00007fa9b89de929
[   44.153374][ T4406] RDX: 0000200000002140 RSI: 0000000000000000 RDI: 0000200000000040
[   44.153381][ T4406] RBP: 00007fa9b7047090 R08: 0000000000000000 R09: 0000000000000000
[   44.153463][ T4406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.153470][ T4406] R13: 0000000000000000 R14: 00007fa9b8c05fa0 R15: 00007ffcf6683ae8
[   44.153481][ T4406]  </TASK>
[   44.405804][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.434898][ T4418] __nla_validate_parse: 15 callbacks suppressed
[   44.434915][ T4418] netlink: 36 bytes leftover after parsing attributes in process `syz.2.288'.
[   44.449895][ T4403] lo speed is unknown, defaulting to 1000
[   44.457426][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.470913][   T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.482056][ T4419] loop4: detected capacity change from 0 to 512
[   44.496898][ T4419] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.526668][ T4419] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   44.551556][ T4419] EXT4-fs (loop4): 1 truncate cleaned up
[   44.565362][ T4402] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.580630][ T4423] loop3: detected capacity change from 0 to 512
[   44.609466][ T4403] chnl_net:caif_netlink_parms(): no params data found
[   44.648196][   T63] bridge_slave_1: left allmulticast mode
[   44.653926][   T63] bridge_slave_1: left promiscuous mode
[   44.659641][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.672933][   T63] bridge_slave_0: left allmulticast mode
[   44.678723][   T63] bridge_slave_0: left promiscuous mode
[   44.684461][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.718952][ T4423] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.809923][ T4443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.292'.
[   44.897638][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   44.907657][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   44.917658][   T63] bond0 (unregistering): Released all slaves
[   44.964605][ T4451] loop3: detected capacity change from 0 to 512
[   44.981065][ T4451] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   45.022327][ T4451] EXT4-fs (loop3): 1 truncate cleaned up
[   45.051535][ T4403] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.058731][ T4403] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.068236][ T4403] bridge_slave_0: entered allmulticast mode
[   45.078886][ T4403] bridge_slave_0: entered promiscuous mode
[   45.087553][   T63] hsr_slave_0: left promiscuous mode
[   45.095953][   T63] hsr_slave_1: left promiscuous mode
[   45.101751][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.109176][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[   45.118310][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.125817][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.138180][   T63] veth1_macvtap: left promiscuous mode
[   45.143712][   T63] veth0_macvtap: left promiscuous mode
[   45.150628][   T63] veth1_vlan: left promiscuous mode
[   45.156052][   T63] veth0_vlan: left promiscuous mode
[   45.231945][   T63] team0 (unregistering): Port device team_slave_1 removed
[   45.244209][   T63] team0 (unregistering): Port device team_slave_0 removed
[   45.305884][ T4403] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.313068][ T4403] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.323781][ T4403] bridge_slave_1: entered allmulticast mode
[   45.341163][ T4403] bridge_slave_1: entered promiscuous mode
[   45.414905][ T4403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.429067][ T4403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.447044][ T4441] lo speed is unknown, defaulting to 1000
[   45.467636][ T4482] netlink: 24 bytes leftover after parsing attributes in process `syz.3.295'.
[   45.513527][ T4403] team0: Port device team_slave_0 added
[   45.520866][ T4476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.531753][ T4476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.542993][ T4403] team0: Port device team_slave_1 added
[   45.553824][ T4482] netlink: 132 bytes leftover after parsing attributes in process `syz.3.295'.
[   45.581849][ T4403] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.588895][ T4403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.614949][ T4403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.630162][ T4403] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.637149][ T4403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.663169][ T4403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.702348][ T4403] hsr_slave_0: entered promiscuous mode
[   45.708532][ T4403] hsr_slave_1: entered promiscuous mode
[   45.714395][ T4403] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.716077][ T4496] netlink: 36 bytes leftover after parsing attributes in process `syz.3.297'.
[   45.722027][ T4403] Cannot create hsr debugfs directory
[   45.755095][ T4441] chnl_net:caif_netlink_parms(): no params data found
[   45.766355][ T4496] loop3: detected capacity change from 0 to 1024
[   45.773888][ T4496] EXT4-fs: Ignoring removed orlov option
[   45.795360][   T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.842008][ T4501] loop3: detected capacity change from 0 to 8192
[   45.851317][ T4501] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   45.873438][   T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.889852][ T4441] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.896924][ T4441] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.904665][ T4441] bridge_slave_0: entered allmulticast mode
[   45.905440][ T4507] netlink: 36 bytes leftover after parsing attributes in process `syz.3.299'.
[   45.912499][ T4441] bridge_slave_0: entered promiscuous mode
[   45.926226][ T4441] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.933358][ T4441] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.942186][ T4441] bridge_slave_1: entered allmulticast mode
[   45.949481][ T4441] bridge_slave_1: entered promiscuous mode
[   45.952375][ T4508] loop4: detected capacity change from 0 to 512
[   45.963777][   T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.975319][ T4508] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[   45.992269][ T4509] loop3: detected capacity change from 0 to 1024
[   46.008201][ T4509] EXT4-fs: Ignoring removed orlov option
[   46.017408][ T4441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.020747][ T4511] netlink: 8 bytes leftover after parsing attributes in process `syz.4.301'.
[   46.031493][ T4403] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   46.046584][   T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.065354][ T4441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.074471][ T4403] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   46.120336][ T4403] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   46.143126][ T4403] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   46.151296][ T4515] netlink: 36 bytes leftover after parsing attributes in process `syz.2.302'.
[   46.160462][ T4513] loop4: detected capacity change from 0 to 8192
[   46.174286][ T4441] team0: Port device team_slave_0 added
[   46.182846][ T4441] team0: Port device team_slave_1 added
[   46.192828][ T4513] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   46.253061][   T63] bridge_slave_1: left allmulticast mode
[   46.258796][   T63] bridge_slave_1: left promiscuous mode
[   46.264440][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.287326][   T63] bridge_slave_0: left allmulticast mode
[   46.293116][   T63] bridge_slave_0: left promiscuous mode
[   46.298836][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.414978][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   46.429832][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   46.450233][   T63] bond0 (unregistering): Released all slaves
[   46.458577][ T4441] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.465576][ T4441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.491657][ T4441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.503104][ T4441] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.510108][ T4441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.536168][ T4441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.603551][ T4529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.303'.
[   46.615148][ T4441] hsr_slave_0: entered promiscuous mode
[   46.621220][ T4441] hsr_slave_1: entered promiscuous mode
[   46.627176][ T4441] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.635644][ T4441] Cannot create hsr debugfs directory
[   46.644020][   T63] hsr_slave_0: left promiscuous mode
[   46.660022][   T63] hsr_slave_1: left promiscuous mode
[   46.665536][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.672950][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.688475][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.695860][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.718174][   T63] veth1_vlan: left promiscuous mode
[   46.723391][   T63] veth0_vlan: left promiscuous mode
[   46.762557][ T4532] loop4: detected capacity change from 0 to 512
[   46.770816][ T4532] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   46.783246][ T4532] EXT4-fs (loop4): 1 truncate cleaned up
[   46.814960][   T63] team0 (unregistering): Port device team_slave_1 removed
[   46.827295][   T63] team0 (unregistering): Port device team_slave_0 removed
[   46.935377][ T4403] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.962125][ T4403] 8021q: adding VLAN 0 to HW filter on device team0
[   46.997920][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.005030][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.023064][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.028102][ T4539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.305'.
[   47.030150][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.071606][ T4441] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   47.091390][ T4544] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4544 comm=syz.2.307
[   47.110850][ T4441] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   47.152242][ T4546] loop4: detected capacity change from 0 to 512
[   47.179588][ T4546] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[   47.200017][ T4536] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.255205][ T4441] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   47.285413][ T4441] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   47.301375][ T4555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.321558][ T4555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.359494][ T4536] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.397584][ T4403] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.427183][ T4441] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.441625][ T4441] 8021q: adding VLAN 0 to HW filter on device team0
[   47.472003][ T4536] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.489977][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.497074][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.507669][ T3441] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.514736][ T3441] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.543381][ T4536] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.628299][ T4441] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.663189][ T4536] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.675151][ T4403] veth0_vlan: entered promiscuous mode
[   47.710036][ T4536] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.721138][ T4403] veth1_vlan: entered promiscuous mode
[   47.749962][ T4536] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.779343][ T4536] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.805078][ T4403] veth0_macvtap: entered promiscuous mode
[   47.824275][ T4403] veth1_macvtap: entered promiscuous mode
[   47.848546][ T4403] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.857501][ T4403] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.896975][ T4441] veth0_vlan: entered promiscuous mode
[   47.904597][ T4403] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.913387][ T4403] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.922166][ T4403] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.930894][ T4403] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.959050][ T4441] veth1_vlan: entered promiscuous mode
[   47.966482][ T4600] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   47.972446][ T4441] veth0_macvtap: entered promiscuous mode
[   47.983945][ T4600] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   47.986008][ T4441] veth1_macvtap: entered promiscuous mode
[   48.013407][   T29] kauditd_printk_skb: 169 callbacks suppressed
[   48.013476][   T29] audit: type=1400 audit(1751903854.454:1015): avc:  denied  { read write } for  pid=4599 comm="syz.4.313" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   48.043103][   T29] audit: type=1400 audit(1751903854.454:1016): avc:  denied  { open } for  pid=4599 comm="syz.4.313" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   48.071171][   T29] audit: type=1400 audit(1751903854.514:1017): avc:  denied  { append } for  pid=4599 comm="syz.4.313" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   48.110072][ T4441] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.119265][   T29] audit: type=1400 audit(1751903854.544:1018): avc:  denied  { mount } for  pid=4403 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   48.141403][   T29] audit: type=1400 audit(1751903854.544:1019): avc:  denied  { mounton } for  pid=4403 comm="syz-executor" path="/root/syzkaller.bQ2dXv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   48.169762][ T4441] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.185694][   T29] audit: type=1400 audit(1751903854.624:1020): avc:  denied  { mount } for  pid=4403 comm="syz-executor" name="/" dev="gadgetfs" ino=4403 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   48.209266][ T4441] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.218126][ T4441] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.226825][ T4441] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.235579][ T4441] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.283200][ T4609] (unnamed net_device) (uninitialized): option mode: invalid value (37)
[   48.396533][ T4614] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4614 comm=syz.3.315
[   48.408980][ T4614] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4614 comm=syz.3.315
[   48.467495][ T4621] loop3: detected capacity change from 0 to 2048
[   48.491028][ T4621] Cannot find add_set index 0 as target
[   48.540249][ T4623] loop3: detected capacity change from 0 to 512
[   48.547081][ T4623] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   48.557645][ T4623] EXT4-fs (loop3): invalid journal inode
[   48.564230][ T4623] EXT4-fs (loop3): can't get journal size
[   48.569511][ T4626] FAULT_INJECTION: forcing a failure.
[   48.569511][ T4626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.583051][ T4626] CPU: 0 UID: 0 PID: 4626 Comm: syz.6.316 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   48.583074][ T4626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   48.583155][ T4626] Call Trace:
[   48.583162][ T4626]  <TASK>
[   48.583238][ T4626]  __dump_stack+0x1d/0x30
[   48.583257][ T4626]  dump_stack_lvl+0xe8/0x140
[   48.583274][ T4626]  dump_stack+0x15/0x1b
[   48.583324][ T4626]  should_fail_ex+0x265/0x280
[   48.583351][ T4626]  should_fail+0xb/0x20
[   48.583389][ T4626]  should_fail_usercopy+0x1a/0x20
[   48.583446][ T4626]  _copy_to_user+0x20/0xa0
[   48.583466][ T4626]  simple_read_from_buffer+0xb5/0x130
[   48.583573][ T4626]  proc_fail_nth_read+0x100/0x140
[   48.583598][ T4626]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   48.583615][ T4626]  vfs_read+0x19d/0x6f0
[   48.583688][ T4626]  ? __rcu_read_unlock+0x4f/0x70
[   48.583774][ T4626]  ? __rcu_read_unlock+0x4f/0x70
[   48.583788][ T4626]  ? __fget_files+0x184/0x1c0
[   48.583800][ T4626]  ksys_read+0xda/0x1a0
[   48.583848][ T4626]  __x64_sys_read+0x40/0x50
[   48.583873][ T4626]  x64_sys_call+0x2d77/0x2fb0
[   48.583894][ T4626]  do_syscall_64+0xd2/0x200
[   48.583956][ T4626]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.583999][ T4626]  ? clear_bhb_loop+0x40/0x90
[   48.584012][ T4626]  ? clear_bhb_loop+0x40/0x90
[   48.584088][ T4626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.584130][ T4626] RIP: 0033:0x7fd9f353d33c
[   48.584152][ T4626] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   48.584187][ T4626] RSP: 002b:00007fd9f1b65030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   48.584199][ T4626] RAX: ffffffffffffffda RBX: 00007fd9f3766160 RCX: 00007fd9f353d33c
[   48.584206][ T4626] RDX: 000000000000000f RSI: 00007fd9f1b650a0 RDI: 0000000000000007
[   48.584212][ T4626] RBP: 00007fd9f1b65090 R08: 0000000000000000 R09: 0000000000000000
[   48.584219][ T4626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.584298][ T4626] R13: 0000000000000001 R14: 00007fd9f3766160 R15: 00007ffdf4eded18
[   48.584309][ T4626]  </TASK>
[   48.585374][ T4623] EXT4-fs (loop3): 1 truncate cleaned up
[   49.053577][ T4636] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.059812][ T4641] FAULT_INJECTION: forcing a failure.
[   49.059812][ T4641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.075057][ T4641] CPU: 1 UID: 0 PID: 4641 Comm: syz.4.322 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   49.075084][ T4641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.075093][ T4641] Call Trace:
[   49.075098][ T4641]  <TASK>
[   49.075104][ T4641]  __dump_stack+0x1d/0x30
[   49.075149][ T4641]  dump_stack_lvl+0xe8/0x140
[   49.075167][ T4641]  dump_stack+0x15/0x1b
[   49.075182][ T4641]  should_fail_ex+0x265/0x280
[   49.075229][ T4641]  should_fail+0xb/0x20
[   49.075255][ T4641]  should_fail_usercopy+0x1a/0x20
[   49.075291][ T4641]  _copy_from_user+0x1c/0xb0
[   49.075310][ T4641]  bpf_test_init+0xdf/0x160
[   49.075355][ T4641]  bpf_prog_test_run_skb+0x144/0xbd0
[   49.075385][ T4641]  ? __rcu_read_unlock+0x4f/0x70
[   49.075407][ T4641]  ? __fget_files+0x184/0x1c0
[   49.075423][ T4641]  ? __rcu_read_unlock+0x4f/0x70
[   49.075478][ T4641]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   49.075611][ T4641]  bpf_prog_test_run+0x227/0x390
[   49.075642][ T4641]  __sys_bpf+0x3dc/0x790
[   49.075669][ T4641]  __x64_sys_bpf+0x41/0x50
[   49.075762][ T4641]  x64_sys_call+0x2478/0x2fb0
[   49.075784][ T4641]  do_syscall_64+0xd2/0x200
[   49.075815][ T4641]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.075868][ T4641]  ? clear_bhb_loop+0x40/0x90
[   49.075889][ T4641]  ? clear_bhb_loop+0x40/0x90
[   49.075907][ T4641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.075993][ T4641] RIP: 0033:0x7fa9b89de929
[   49.076008][ T4641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.076079][ T4641] RSP: 002b:00007fa9b7047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   49.076159][ T4641] RAX: ffffffffffffffda RBX: 00007fa9b8c05fa0 RCX: 00007fa9b89de929
[   49.076173][ T4641] RDX: 000000000000004c RSI: 0000200000000640 RDI: 000000000000000a
[   49.076186][ T4641] RBP: 00007fa9b7047090 R08: 0000000000000000 R09: 0000000000000000
[   49.076197][ T4641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.076208][ T4641] R13: 0000000000000000 R14: 00007fa9b8c05fa0 R15: 00007ffcf6683ae8
[   49.076227][ T4641]  </TASK>
[   49.079726][ T4636] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.336162][   T29] audit: type=1400 audit(1751903855.774:1021): avc:  denied  { read write } for  pid=4644 comm="syz.5.324" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   49.360658][   T29] audit: type=1400 audit(1751903855.774:1022): avc:  denied  { open } for  pid=4644 comm="syz.5.324" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   49.435204][   T29] audit: type=1400 audit(1751903855.874:1023): avc:  denied  { validate_trans } for  pid=4646 comm="syz.6.325" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   49.558862][ T4657] __nla_validate_parse: 3 callbacks suppressed
[   49.558876][ T4657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.329'.
[   49.598835][   T29] audit: type=1400 audit(1751903856.044:1024): avc:  denied  { read write } for  pid=4658 comm="syz.6.330" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   49.634197][ T4661] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4661 comm=syz.4.328
[   49.646653][ T4661] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4661 comm=syz.4.328
[   49.673718][ T4657] loop3: detected capacity change from 0 to 512
[   49.674082][ T4663] netlink: 'syz.6.331': attribute type 13 has an invalid length.
[   49.680914][ T4657] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   49.700369][ T4657] EXT4-fs (loop3): 1 truncate cleaned up
[   49.737043][ T4663] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.744303][ T4663] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.781515][ T4663] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   49.791671][ T4663] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   49.822108][ T4663] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   49.831010][ T4663] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   49.840061][ T4663] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   49.849009][ T4663] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   49.993225][ T4671] loop3: detected capacity change from 0 to 1024
[   50.000009][ T4671] EXT4-fs: Ignoring removed bh option
[   50.005836][ T4671] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   50.018631][ T4671] EXT4-fs error (device loop3): ext4_quota_enable:7124: comm syz.3.333: inode #2304: comm syz.3.333: iget: illegal inode #
[   50.040076][ T4673] loop6: detected capacity change from 0 to 128
[   50.047229][ T4671] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.333: Bad quota inode: 2304, type: 2
[   50.065486][ T4676] netlink: 'syz.2.335': attribute type 1 has an invalid length.
[   50.073298][ T4676] netlink: 224 bytes leftover after parsing attributes in process `syz.2.335'.
[   50.074001][ T4671] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[   50.099593][ T4671] EXT4-fs (loop3): mount failed
[   50.191329][ T4689] netlink: 12 bytes leftover after parsing attributes in process `syz.5.340'.
[   50.209867][ T4690] netlink: 24 bytes leftover after parsing attributes in process `syz.3.338'.
[   50.219024][ T4689] netlink: 4 bytes leftover after parsing attributes in process `syz.5.340'.
[   50.227819][ T4689] netlink: 4 bytes leftover after parsing attributes in process `syz.5.340'.
[   50.237101][ T4689] netlink: 4 bytes leftover after parsing attributes in process `syz.5.340'.
[   50.305968][ T4695] netlink: 36 bytes leftover after parsing attributes in process `syz.3.342'.
[   50.349941][ T4695] loop3: detected capacity change from 0 to 1024
[   50.357657][ T4695] EXT4-fs: Ignoring removed orlov option
[   50.372420][ T4699] loop2: detected capacity change from 0 to 128
[   50.373931][ T4692] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   50.380493][ T4699] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   50.400733][ T4699] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.479640][ T4701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.344'.
[   50.510600][ T4703] loop5: detected capacity change from 0 to 128
[   50.517008][ T4701] loop2: detected capacity change from 0 to 512
[   50.517340][ T4703] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   50.524048][ T4701] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   50.545531][ T4703] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.547268][ T4701] EXT4-fs (loop2): 1 truncate cleaned up
[   50.741850][ T4718] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.757621][ T4722] 9pnet: Could not find request transport: 0xffffffffffffffff
[   50.760008][ T4726] loop2: detected capacity change from 0 to 128
[   50.770605][ T4722] loop5: detected capacity change from 0 to 512
[   50.779414][ T4726] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   50.792001][ T4718] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.800409][ T4726] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.801702][ T4722] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.351: iget: bad extended attribute block 1
[   50.823822][ T4722] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.351: couldn't read orphan inode 15 (err -117)
[   50.864386][ T4732] loop5: detected capacity change from 0 to 128
[   50.871818][ T4732] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   50.885656][ T4732] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.910876][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.4.354'.
[   50.925345][    C0] net_ratelimit: 66 callbacks suppressed
[   50.925360][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.938000][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.945957][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.952402][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.958875][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.965455][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.978523][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.990880][    C0] IPv4: Oversized IP packet from 172.20.20.170
[   50.998243][    C1] IPv4: Oversized IP packet from 172.20.20.170
[   51.005318][    C1] IPv4: Oversized IP packet from 172.20.20.170
[   51.054512][ T4738] infiniband syz1: set active
[   51.054575][ T4740] loop4: detected capacity change from 0 to 1024
[   51.059264][ T4738] infiniband syz1: added veth0_to_bridge
[   51.066795][ T4740] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   51.080097][ T4738] RDS/IB: syz1: added
[   51.082179][ T4740] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   51.086079][ T4738] smc: adding ib device syz1 with port count 1
[   51.103337][ T4740] JBD2: no valid journal superblock found
[   51.103525][ T4738] smc:    ib device syz1 port 1 has pnetid 
[   51.109255][ T4740] EXT4-fs (loop4): Could not load journal inode
[   51.200958][ T4749] loop4: detected capacity change from 0 to 1024
[   51.211126][ T4750] loop3: detected capacity change from 0 to 1764
[   51.218514][ T4750] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   51.330757][ T4750] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=4750 comm=syz.3.361
[   51.377922][ T4762] loop5: detected capacity change from 0 to 512
[   51.385172][ T4762] EXT4-fs: test_dummy_encryption option not supported
[   51.407304][ T4765] loop3: detected capacity change from 0 to 512
[   51.409062][ T4755] lo speed is unknown, defaulting to 1000
[   51.421732][ T4765] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.364: bg 0: block 5: invalid block bitmap
[   51.434568][ T4765] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   51.444356][ T4765] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.364: invalid indirect mapped block 3 (level 2)
[   51.458067][ T4759] lo speed is unknown, defaulting to 1000
[   51.478443][ T4765] EXT4-fs (loop3): 2 truncates cleaned up
[   51.583978][ T4779] SELinux: syz.6.368 (4779) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   51.615098][ T4784] xt_hashlimit: max too large, truncated to 1048576
[   51.629251][ T4781] loop2: detected capacity change from 0 to 1024
[   51.637063][ T4781] EXT4-fs: Ignoring removed orlov option
[   51.662893][ T4793] netem: unknown loss type 0
[   51.667546][ T4793] netem: change failed
[   51.749756][ T4797] loop5: detected capacity change from 0 to 8192
[   51.762674][ T4797] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.114375][ T4803] loop4: detected capacity change from 0 to 512
[   52.121315][ T4803] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   52.132143][ T4803] EXT4-fs (loop4): 1 truncate cleaned up
[   52.387278][ T4811] pim6reg1: entered promiscuous mode
[   52.392703][ T4811] pim6reg1: entered allmulticast mode
[   52.493285][ T4814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.532256][ T4819] loop4: detected capacity change from 0 to 2048
[   52.547423][ T4814] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.593089][ T4827] loop3: detected capacity change from 0 to 512
[   52.600467][ T4827] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[   52.689828][ T4835] lo speed is unknown, defaulting to 1000
[   52.701753][ T4832] loop5: detected capacity change from 0 to 512
[   52.708748][ T4832] EXT4-fs: Ignoring removed i_version option
[   52.726797][ T4832] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   52.760404][ T4832] EXT4-fs (loop5): 1 truncate cleaned up
[   52.964310][ T4849] loop4: detected capacity change from 0 to 256
[   53.113524][ T4851] loop4: detected capacity change from 0 to 1024
[   53.148389][ T4851] EXT4-fs: Ignoring removed orlov option
[   53.360708][ T4856] loop6: detected capacity change from 0 to 512
[   53.390365][ T4856] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   53.399717][ T4856] EXT4-fs (loop6): orphan cleanup on readonly fs
[   53.407600][ T4856] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #16: comm syz.6.393: corrupted inode contents
[   53.441659][ T4856] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #16: comm syz.6.393: mark_inode_dirty error
[   53.502090][ T4856] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #16: comm syz.6.393: corrupted inode contents
[   53.535108][   T29] kauditd_printk_skb: 68 callbacks suppressed
[   53.535122][   T29] audit: type=1400 audit(1751903859.974:1093): avc:  denied  { create } for  pid=4866 comm="syz.5.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   53.560313][ T4856] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.393: mark_inode_dirty error
[   53.563179][   T29] audit: type=1400 audit(1751903859.974:1094): avc:  denied  { write } for  pid=4866 comm="syz.5.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   53.574974][ T4867] loop5: detected capacity change from 0 to 2048
[   53.621728][ T4856] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #16: comm syz.6.393: corrupted inode contents
[   53.647250][ T4856] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[   53.674091][ T4856] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #16: comm syz.6.393: corrupted inode contents
[   53.678831][   T29] audit: type=1326 audit(1751903860.104:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.702577][ T4856] EXT4-fs error (device loop6): ext4_truncate:4597: inode #16: comm syz.6.393: mark_inode_dirty error
[   53.710125][   T29] audit: type=1326 audit(1751903860.104:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.730354][ T4856] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[   53.745550][   T29] audit: type=1326 audit(1751903860.104:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.778850][   T29] audit: type=1326 audit(1751903860.104:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.794123][ T4856] EXT4-fs (loop6): 1 truncate cleaned up
[   53.803295][   T29] audit: type=1326 audit(1751903860.104:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.815921][ T4868] loop2: detected capacity change from 0 to 8192
[   53.832168][   T29] audit: type=1326 audit(1751903860.104:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.858987][ T4868] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   53.861782][   T29] audit: type=1326 audit(1751903860.104:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.896461][   T29] audit: type=1326 audit(1751903860.114:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4866 comm="syz.5.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f015fa4e929 code=0x7ffc0000
[   53.937857][   T51] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[   53.996221][ T4856] EXT4-fs error (device loop6): ext4_lookup:1787: inode #15: comm syz.6.393: iget: bad i_size value: 360287970189639690
[   54.047631][ T4872] loop3: detected capacity change from 0 to 512
[   54.072765][ T4872] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[   54.152659][ T4873] loop4: detected capacity change from 0 to 2048
[   54.285291][ T4885] loop3: detected capacity change from 0 to 256
[   54.359554][ T4887] loop4: detected capacity change from 0 to 128
[   54.475351][ T4887] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   54.579840][ T4887] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   55.110504][ T4909] loop4: detected capacity change from 0 to 128
[   55.116888][ T4909] EXT4-fs: Ignoring removed nobh option
[   55.130182][ T4903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   55.144401][ T4907] loop5: detected capacity change from 0 to 2048
[   55.158253][ T4903] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   55.194291][ T4912] tipc: Started in network mode
[   55.199281][ T4912] tipc: Node identity ac14140f, cluster identity 4711
[   55.206339][ T4912] tipc: New replicast peer: 255.255.255.255
[   55.213731][ T4912] tipc: Enabled bearer <udp:syz2>, priority 10
[   55.380969][ T4920] program syz.3.407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   55.390314][ T4920] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   55.409083][ T4920] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   55.428402][ T4909] ext4 filesystem being mounted at /94/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   55.809394][ T4933] loop3: detected capacity change from 0 to 2048
[   55.817619][ T4934] loop6: detected capacity change from 0 to 1024
[   55.834739][ T4934] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.859080][ T4934] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   55.888550][ T4934] EXT4-fs (loop6): orphan cleanup on readonly fs
[   55.895052][ T4934] EXT4-fs error (device loop6): ext4_quota_enable:7124: inode #3: comm syz.6.414: iget: bad i_size value: 1407392063428608
[   55.944293][ T4947] loop5: detected capacity change from 0 to 256
[   55.951509][ T4934] EXT4-fs error (device loop6): ext4_quota_enable:7127: comm syz.6.414: Bad quota inode: 3, type: 0
[   55.972736][ T4934] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   55.987435][ T4934] EXT4-fs (loop6): Cannot turn on quotas: error -117
[   56.081574][ T4949] loop4: detected capacity change from 0 to 512
[   56.129782][ T4949] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.421: iget: bad i_size value: 38620345925642
[   56.142759][ T4949] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.421: couldn't read orphan inode 15 (err -117)
[   56.215478][ T4954] __nla_validate_parse: 14 callbacks suppressed
[   56.215497][ T4954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.420'.
[   56.261456][ T4955] netlink: 12 bytes leftover after parsing attributes in process `syz.4.422'.
[   56.315355][ T4960] loop6: detected capacity change from 0 to 256
[   56.338073][ T3360] tipc: Node number set to 2886997007
[   56.401390][ T4959] loop3: detected capacity change from 0 to 512
[   56.408357][ T4966] FAULT_INJECTION: forcing a failure.
[   56.408357][ T4966] name failslab, interval 1, probability 0, space 0, times 0
[   56.420981][ T4966] CPU: 1 UID: 0 PID: 4966 Comm: syz.6.426 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   56.421008][ T4966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.421020][ T4966] Call Trace:
[   56.421088][ T4966]  <TASK>
[   56.421096][ T4966]  __dump_stack+0x1d/0x30
[   56.421120][ T4966]  dump_stack_lvl+0xe8/0x140
[   56.421136][ T4966]  dump_stack+0x15/0x1b
[   56.421154][ T4966]  should_fail_ex+0x265/0x280
[   56.421204][ T4966]  should_failslab+0x8c/0xb0
[   56.421225][ T4966]  kmem_cache_alloc_noprof+0x50/0x310
[   56.421250][ T4966]  ? getname_flags+0x80/0x3b0
[   56.421274][ T4966]  getname_flags+0x80/0x3b0
[   56.421306][ T4966]  __x64_sys_rename+0x33/0x70
[   56.421326][ T4966]  x64_sys_call+0x2aee/0x2fb0
[   56.421380][ T4966]  do_syscall_64+0xd2/0x200
[   56.421412][ T4966]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.421439][ T4966]  ? clear_bhb_loop+0x40/0x90
[   56.421460][ T4966]  ? clear_bhb_loop+0x40/0x90
[   56.421518][ T4966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.421540][ T4966] RIP: 0033:0x7fd9f353e929
[   56.421582][ T4966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.421597][ T4966] RSP: 002b:00007fd9f1ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   56.421618][ T4966] RAX: ffffffffffffffda RBX: 00007fd9f3765fa0 RCX: 00007fd9f353e929
[   56.421648][ T4966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000440
[   56.421661][ T4966] RBP: 00007fd9f1ba7090 R08: 0000000000000000 R09: 0000000000000000
[   56.421674][ T4966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.421687][ T4966] R13: 0000000000000000 R14: 00007fd9f3765fa0 R15: 00007ffdf4eded18
[   56.421711][ T4966]  </TASK>
[   56.618544][ T4959] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   56.632184][ T4959] EXT4-fs (loop3): 1 truncate cleaned up
[   56.720995][ T4969] loop6: detected capacity change from 0 to 2048
[   56.731142][ T4971] netlink: 24 bytes leftover after parsing attributes in process `syz.2.429'.
[   56.769550][ T4969] Cannot find add_set index 0 as target
[   56.878430][ T4973] loop4: detected capacity change from 0 to 2048
[   57.083961][ T4989] netlink: 24 bytes leftover after parsing attributes in process `syz.5.427'.
[   57.362756][ T5003] xt_nat: multiple ranges no longer supported
[   57.714287][ T5016] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   57.728891][ T5014] loop3: detected capacity change from 0 to 2048
[   57.766225][ T5014] Cannot find add_set index 0 as target
[   57.916432][ T5023] loop3: detected capacity change from 0 to 128
[   57.935535][ T5024] loop4: detected capacity change from 0 to 2048
[   57.951426][ T5023] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   57.983794][ T5023] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   58.145421][ T5034] loop3: detected capacity change from 0 to 1024
[   58.153753][ T5038] netlink: 14 bytes leftover after parsing attributes in process `syz.5.452'.
[   58.205228][ T5041] netlink: 20 bytes leftover after parsing attributes in process `syz.6.451'.
[   58.537764][ T5052] loop2: detected capacity change from 0 to 128
[   58.548783][   T29] kauditd_printk_skb: 89 callbacks suppressed
[   58.548796][   T29] audit: type=1400 audit(1751903864.994:1191): avc:  denied  { create } for  pid=5033 comm="syz.3.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   58.575669][ T5052] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   58.593233][   T29] audit: type=1400 audit(1751903865.014:1192): avc:  denied  { getopt } for  pid=5033 comm="syz.3.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   58.612562][   T29] audit: type=1400 audit(1751903865.014:1193): avc:  denied  { bind } for  pid=5033 comm="syz.3.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   58.649378][ T5052] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   58.680781][ T5054] loop5: detected capacity change from 0 to 512
[   58.687438][   T29] audit: type=1400 audit(1751903865.124:1194): avc:  denied  { write } for  pid=5045 comm="syz.6.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   58.722215][ T5054] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.455: casefold flag without casefold feature
[   58.740157][ T5054] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.455: couldn't read orphan inode 15 (err -117)
[   58.786785][   T29] audit: type=1400 audit(1751903865.224:1195): avc:  denied  { create } for  pid=5053 comm="syz.5.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.815333][ T5057] loop3: detected capacity change from 0 to 2048
[   58.911499][   T29] audit: type=1400 audit(1751903865.244:1196): avc:  denied  { connect } for  pid=5053 comm="syz.5.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.958856][   T29] audit: type=1400 audit(1751903865.404:1197): avc:  denied  { create } for  pid=5058 comm="syz.2.458" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.015058][   T29] audit: type=1326 audit(1751903865.454:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5062 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b89de929 code=0x7ffc0000
[   59.079486][   T29] audit: type=1326 audit(1751903865.484:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5062 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b89de929 code=0x7ffc0000
[   59.102869][   T29] audit: type=1326 audit(1751903865.484:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5062 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b89de929 code=0x7ffc0000
[   59.186660][ T5065] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5065 comm=syz.3.460
[   59.199101][ T5065] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5065 comm=syz.3.460
[   59.229619][ T5068] netlink: 'syz.5.455': attribute type 1 has an invalid length.
[   59.287643][ T5059] syzkaller1: entered promiscuous mode
[   59.293184][ T5059] syzkaller1: entered allmulticast mode
[   59.353183][ T5070] netlink: 8 bytes leftover after parsing attributes in process `syz.4.461'.
[   59.453617][ T5070] loop4: detected capacity change from 0 to 512
[   59.461210][ T5081] xt_hashlimit: max too large, truncated to 1048576
[   59.471755][ T5070] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   59.493728][ T5070] EXT4-fs (loop4): 1 truncate cleaned up
[   59.521286][ T5083] FAULT_INJECTION: forcing a failure.
[   59.521286][ T5083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.534460][ T5083] CPU: 1 UID: 0 PID: 5083 Comm: syz.3.466 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   59.534544][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   59.534557][ T5083] Call Trace:
[   59.534564][ T5083]  <TASK>
[   59.534570][ T5083]  __dump_stack+0x1d/0x30
[   59.534593][ T5083]  dump_stack_lvl+0xe8/0x140
[   59.534614][ T5083]  dump_stack+0x15/0x1b
[   59.534632][ T5083]  should_fail_ex+0x265/0x280
[   59.534716][ T5083]  should_fail+0xb/0x20
[   59.534778][ T5083]  should_fail_usercopy+0x1a/0x20
[   59.534815][ T5083]  _copy_to_user+0x20/0xa0
[   59.534902][ T5083]  simple_read_from_buffer+0xb5/0x130
[   59.534931][ T5083]  proc_fail_nth_read+0x100/0x140
[   59.534964][ T5083]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   59.535073][ T5083]  vfs_read+0x19d/0x6f0
[   59.535142][ T5083]  ? __rcu_read_unlock+0x4f/0x70
[   59.535165][ T5083]  ? __fget_files+0x184/0x1c0
[   59.535186][ T5083]  ksys_read+0xda/0x1a0
[   59.535213][ T5083]  __x64_sys_read+0x40/0x50
[   59.535284][ T5083]  x64_sys_call+0x2d77/0x2fb0
[   59.535306][ T5083]  do_syscall_64+0xd2/0x200
[   59.535394][ T5083]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   59.535474][ T5083]  ? clear_bhb_loop+0x40/0x90
[   59.535531][ T5083]  ? clear_bhb_loop+0x40/0x90
[   59.535553][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.535575][ T5083] RIP: 0033:0x7f6cb228d33c
[   59.535590][ T5083] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   59.535608][ T5083] RSP: 002b:00007f6cb08f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   59.535646][ T5083] RAX: ffffffffffffffda RBX: 00007f6cb24b5fa0 RCX: 00007f6cb228d33c
[   59.535660][ T5083] RDX: 000000000000000f RSI: 00007f6cb08f70a0 RDI: 0000000000000007
[   59.535673][ T5083] RBP: 00007f6cb08f7090 R08: 0000000000000000 R09: 0000000000000000
[   59.535686][ T5083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.535698][ T5083] R13: 0000000000000000 R14: 00007f6cb24b5fa0 R15: 00007ffd3fcff908
[   59.535734][ T5083]  </TASK>
[   60.317879][ T5095] ip6erspan0: tun_chr_ioctl cmd 1074025677
[   60.337409][ T5095] ip6erspan0: linktype set to 768
[   60.364591][ T5099] syz!: rxe_newlink: already configured on team_slave_0
[   60.387488][ T5099] netlink: 36 bytes leftover after parsing attributes in process `'.
[   60.395673][ T5099] netlink: 16 bytes leftover after parsing attributes in process `'.
[   60.403959][ T5099] netlink: 36 bytes leftover after parsing attributes in process `'.
[   60.444556][ T5102] netlink: 'syz.4.472': attribute type 4 has an invalid length.
[   60.452238][ T5102] netlink: 'syz.4.472': attribute type 2 has an invalid length.
[   60.532575][ T5105] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5105 comm=syz.6.474
[   60.544962][ T5105] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5105 comm=syz.6.474
[   60.570369][ T5107] loop4: detected capacity change from 0 to 164
[   60.582312][ T5107] IPv6: Can't replace route, no match found
[   60.596854][ T5107] FAULT_INJECTION: forcing a failure.
[   60.596854][ T5107] name failslab, interval 1, probability 0, space 0, times 0
[   60.609604][ T5107] CPU: 1 UID: 0 PID: 5107 Comm: syz.4.475 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   60.609628][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   60.609641][ T5107] Call Trace:
[   60.609673][ T5107]  <TASK>
[   60.609680][ T5107]  __dump_stack+0x1d/0x30
[   60.609702][ T5107]  dump_stack_lvl+0xe8/0x140
[   60.609720][ T5107]  dump_stack+0x15/0x1b
[   60.609778][ T5107]  should_fail_ex+0x265/0x280
[   60.609807][ T5107]  should_failslab+0x8c/0xb0
[   60.609900][ T5107]  kmem_cache_alloc_noprof+0x50/0x310
[   60.609965][ T5107]  ? audit_log_start+0x365/0x6c0
[   60.609996][ T5107]  audit_log_start+0x365/0x6c0
[   60.610028][ T5107]  audit_seccomp+0x48/0x100
[   60.610052][ T5107]  ? __seccomp_filter+0x68c/0x10d0
[   60.610090][ T5107]  __seccomp_filter+0x69d/0x10d0
[   60.610127][ T5107]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   60.610158][ T5107]  ? vfs_write+0x75e/0x8e0
[   60.610204][ T5107]  __secure_computing+0x82/0x150
[   60.610226][ T5107]  syscall_trace_enter+0xcf/0x1e0
[   60.610250][ T5107]  do_syscall_64+0xac/0x200
[   60.610288][ T5107]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.610313][ T5107]  ? clear_bhb_loop+0x40/0x90
[   60.610407][ T5107]  ? clear_bhb_loop+0x40/0x90
[   60.610425][ T5107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.610440][ T5107] RIP: 0033:0x7fa9b89de929
[   60.610455][ T5107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.610472][ T5107] RSP: 002b:00007fa9b7047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   60.610489][ T5107] RAX: ffffffffffffffda RBX: 00007fa9b8c05fa0 RCX: 00007fa9b89de929
[   60.610525][ T5107] RDX: 0000200000000040 RSI: 0000000000008923 RDI: 0000000000000009
[   60.610538][ T5107] RBP: 00007fa9b7047090 R08: 0000000000000000 R09: 0000000000000000
[   60.610548][ T5107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.610560][ T5107] R13: 0000000000000000 R14: 00007fa9b8c05fa0 R15: 00007ffcf6683ae8
[   60.610578][ T5107]  </TASK>
[   60.911279][ T5109] loop6: detected capacity change from 0 to 512
[   60.918171][ T5109] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   60.932017][ T5109] EXT4-fs error (device loop6): xattr_find_entry:333: inode #15: comm syz.6.476: corrupted xattr entries
[   60.943589][ T5109] EXT4-fs (loop6): Remounting filesystem read-only
[   60.951518][ T5109] EXT4-fs (loop6): 1 truncate cleaned up
[   60.959051][ T5109] netlink: 'syz.6.476': attribute type 1 has an invalid length.
[   61.414431][ T5107] @: renamed from vlan0 (while UP)
[   61.509777][ T5119] loop3: detected capacity change from 0 to 128
[   61.542486][ T5121] __nla_validate_parse: 2 callbacks suppressed
[   61.542505][ T5121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.480'.
[   61.568701][ T5119] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.616179][ T5127] loop2: detected capacity change from 0 to 1024
[   61.623826][ T5119] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.663358][ T5130] loop4: detected capacity change from 0 to 512
[   61.696074][ T5132] loop6: detected capacity change from 0 to 512
[   61.710375][ T5130] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   61.728552][ T5129] loop5: detected capacity change from 0 to 1024
[   61.735707][ T5129] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.742633][ T5129] EXT4-fs: Mount option(s) incompatible with ext2
[   61.789162][ T5132] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.485: iget: bad i_size value: 38620345925642
[   61.802380][ T5132] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.485: couldn't read orphan inode 15 (err -117)
[   61.822735][ T5132] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.485: bg 0: block 5: invalid block bitmap
[   61.835591][ T5132] EXT4-fs (loop6): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 8 with error 28
[   61.847811][ T5132] EXT4-fs (loop6): This should not happen!! Data will be lost
[   61.847811][ T5132] 
[   61.857518][ T5132] EXT4-fs (loop6): Total free blocks count 0
[   61.863553][ T5132] EXT4-fs (loop6): Free/Dirty block details
[   61.869464][ T5132] EXT4-fs (loop6): free_blocks=0
[   61.874508][ T5132] EXT4-fs (loop6): dirty_blocks=8
[   61.879545][ T5132] EXT4-fs (loop6): Block reservation details
[   61.885615][ T5132] EXT4-fs (loop6): i_reserved_data_blocks=8
[   62.006343][ T5130] EXT4-fs (loop4): 1 truncate cleaned up
[   62.313041][ T5143] serio: Serial port ptm0
[   62.391438][ T5149] loop6: detected capacity change from 0 to 128
[   62.399067][ T5149] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   62.412189][ T5149] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   62.684906][ T5166] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   62.737005][ T5175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.499'.
[   62.758915][ T5176] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5176 comm=syz.5.495
[   62.771370][ T5176] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5176 comm=syz.5.495
[   62.839704][ T5177] netlink: 8 bytes leftover after parsing attributes in process `syz.3.496'.
[   62.927765][ T5183] syzkaller1: entered promiscuous mode
[   62.933410][ T5183] syzkaller1: entered allmulticast mode
[   62.943003][ T5181] loop6: detected capacity change from 0 to 1024
[   63.009066][ T5181] EXT4-fs: Ignoring removed orlov option
[   63.104436][ T5184] loop3: detected capacity change from 0 to 8192
[   63.112792][ T5184] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   63.269468][ T5193] loop2: detected capacity change from 0 to 2048
[   63.299660][ T5193] Cannot find add_set index 0 as target
[   63.351163][ T5198] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   63.401719][ T5200] netlink: 76 bytes leftover after parsing attributes in process `syz.2.508'.
[   63.432452][ T5204] loop5: detected capacity change from 0 to 128
[   63.445271][ T5204] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   63.458071][ T5200] FAULT_INJECTION: forcing a failure.
[   63.458071][ T5200] name failslab, interval 1, probability 0, space 0, times 0
[   63.470838][ T5200] CPU: 1 UID: 0 PID: 5200 Comm: syz.2.508 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   63.470863][ T5200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.470873][ T5200] Call Trace:
[   63.470879][ T5200]  <TASK>
[   63.470885][ T5200]  __dump_stack+0x1d/0x30
[   63.470904][ T5200]  dump_stack_lvl+0xe8/0x140
[   63.470973][ T5200]  dump_stack+0x15/0x1b
[   63.470990][ T5200]  should_fail_ex+0x265/0x280
[   63.471174][ T5200]  should_failslab+0x8c/0xb0
[   63.471196][ T5200]  kmem_cache_alloc_node_noprof+0x57/0x320
[   63.471223][ T5200]  ? __alloc_skb+0x101/0x320
[   63.471249][ T5200]  ? _raw_spin_unlock_bh+0x36/0x40
[   63.471316][ T5200]  __alloc_skb+0x101/0x320
[   63.471342][ T5200]  qdisc_notify+0xcb/0x280
[   63.471377][ T5200]  qdisc_graft+0xafb/0xcc0
[   63.471404][ T5200]  tc_modify_qdisc+0xe78/0x1380
[   63.471460][ T5200]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   63.471484][ T5200]  rtnetlink_rcv_msg+0x657/0x6d0
[   63.471579][ T5200]  netlink_rcv_skb+0x123/0x220
[   63.471626][ T5200]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   63.471653][ T5200]  rtnetlink_rcv+0x1c/0x30
[   63.471680][ T5200]  netlink_unicast+0x5a1/0x670
[   63.471710][ T5200]  netlink_sendmsg+0x58b/0x6b0
[   63.471824][ T5200]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.471917][ T5200]  __sock_sendmsg+0x145/0x180
[   63.471939][ T5200]  ____sys_sendmsg+0x31e/0x4e0
[   63.471971][ T5200]  ___sys_sendmsg+0x17b/0x1d0
[   63.472090][ T5200]  __x64_sys_sendmsg+0xd4/0x160
[   63.472131][ T5200]  x64_sys_call+0x2999/0x2fb0
[   63.472152][ T5200]  do_syscall_64+0xd2/0x200
[   63.472182][ T5200]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.472234][ T5200]  ? clear_bhb_loop+0x40/0x90
[   63.472255][ T5200]  ? clear_bhb_loop+0x40/0x90
[   63.472349][ T5200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.472367][ T5200] RIP: 0033:0x7fb3e6c1e929
[   63.472381][ T5200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.472398][ T5200] RSP: 002b:00007fb3e5287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.472440][ T5200] RAX: ffffffffffffffda RBX: 00007fb3e6e45fa0 RCX: 00007fb3e6c1e929
[   63.472453][ T5200] RDX: 0000000000000000 RSI: 0000200000000640 RDI: 0000000000000003
[   63.472464][ T5200] RBP: 00007fb3e5287090 R08: 0000000000000000 R09: 0000000000000000
[   63.472474][ T5200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.472486][ T5200] R13: 0000000000000000 R14: 00007fb3e6e45fa0 R15: 00007fff30e252a8
[   63.472540][ T5200]  </TASK>
[   63.474764][ T5204] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   63.778520][   T29] kauditd_printk_skb: 246 callbacks suppressed
[   63.778535][   T29] audit: type=1326 audit(1751903870.224:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.809753][   T29] audit: type=1326 audit(1751903870.254:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.833225][   T29] audit: type=1326 audit(1751903870.254:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.856717][   T29] audit: type=1326 audit(1751903870.254:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.880194][   T29] audit: type=1326 audit(1751903870.254:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.908908][   T29] audit: type=1326 audit(1751903870.344:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.932291][   T29] audit: type=1326 audit(1751903870.344:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.955630][   T29] audit: type=1326 audit(1751903870.344:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   63.978995][   T29] audit: type=1326 audit(1751903870.344:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   64.002362][   T29] audit: type=1326 audit(1751903870.344:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e6c1e929 code=0x7ffc0000
[   64.185078][ T5211] syzkaller1: entered promiscuous mode
[   64.190708][ T5211] syzkaller1: entered allmulticast mode
[   64.251360][ T5217] loop3: detected capacity change from 0 to 1024
[   64.268334][ T5217] EXT4-fs: Ignoring removed orlov option
[   64.310196][ T5222] netlink: 4 bytes leftover after parsing attributes in process `syz.4.512'.
[   64.373066][ T5221] loop6: detected capacity change from 0 to 2048
[   64.421544][ T5222] atomic_op ffff888106dc5528 conn xmit_atomic 0000000000000000
[   64.477423][ T5226] loop3: detected capacity change from 0 to 128
[   64.491216][ T5226] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   64.520947][ T5226] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   64.667674][ T5230] SELinux: syz.3.520 (5230) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   64.872253][ T5237] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   64.900802][ T5238] SELinux: syz.3.523 (5238) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   65.208823][ T5240] xt_nat: multiple ranges no longer supported
[   65.225763][ T5240] futex_wake_op: syz.5.521 tries to shift op by -1; fix this program
[   65.420656][ T5247] netlink: 24 bytes leftover after parsing attributes in process `syz.4.524'.
[   65.464094][ T5250] xt_TPROXY: Can be used only with -p tcp or -p udp
[   65.600760][ T5256] netlink: 8 bytes leftover after parsing attributes in process `syz.6.529'.
[   65.640948][ T5261] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5261 comm=syz.3.531
[   65.653822][ T5261] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5261 comm=syz.3.531
[   65.670035][ T5262] random: crng reseeded on system resumption
[   65.752923][ T5266] netlink: '+}[@': attribute type 3 has an invalid length.
[   65.796185][ T5268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.533'.
[   65.808919][ T5270] loop6: detected capacity change from 0 to 512
[   65.878993][ T5270] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   65.978522][ T5270] EXT4-fs (loop6): 1 truncate cleaned up
[   65.984602][ T5270] EXT4-fs mount: 72 callbacks suppressed
[   65.984632][ T5270] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.005960][ T5270] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.041322][ T5285] loop4: detected capacity change from 0 to 128
[   66.051775][ T5283] loop5: detected capacity change from 0 to 2048
[   66.059951][ T5285] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   66.115852][ T5285] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   66.150924][ T5275] loop3: detected capacity change from 0 to 8192
[   66.198554][ T5275] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.249583][ T5291] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   66.281417][ T5297] loop6: detected capacity change from 0 to 1024
[   66.328998][ T5297] EXT4-fs: Ignoring removed orlov option
[   66.352205][ T5300] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5300 comm=syz.4.543
[   66.364605][ T5300] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5300 comm=syz.4.543
[   66.393311][ T5305] loop2: detected capacity change from 0 to 1024
[   66.409218][ T5305] EXT4-fs: Ignoring removed orlov option
[   66.440778][ T5305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.562283][ T5309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.545'.
[   66.587469][ T5297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.650402][ T4441] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.704803][ T5314] loop4: detected capacity change from 0 to 2048
[   66.738400][ T5314] Cannot find add_set index 0 as target
[   66.816602][ T5318] netlink: '’': attribute type 10 has an invalid length.
[   66.827817][ T5310] loop3: detected capacity change from 0 to 8192
[   66.835608][ T5318] team0: Port device dummy0 added
[   66.847428][ T5318] netlink: '’': attribute type 10 has an invalid length.
[   66.874634][ T5318] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   66.899366][ T5321] loop4: detected capacity change from 0 to 2048
[   66.915935][ T5310] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.930922][ T5325] loop5: detected capacity change from 0 to 512
[   66.943560][ T5325] EXT4-fs: Ignoring removed i_version option
[   66.952638][ T5321] Cannot find add_set index 0 as target
[   66.981344][ T5325] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   66.991097][ T5318] team0: Failed to send options change via netlink (err -105)
[   67.020020][ T5318] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   67.035710][ T5318] team0: Port device dummy0 removed
[   67.048401][ T5318] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   67.060199][ T5328] loop4: detected capacity change from 0 to 512
[   67.066957][ T5325] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e02c, mo2=0002]
[   67.075903][ T5328] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   67.138257][ T5325] System zones: 1-12
[   67.142352][ T5325] EXT4-fs (loop5): orphan cleanup on readonly fs
[   67.150803][ T5325] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.549: invalid indirect mapped block 12 (level 1)
[   67.167106][ T5325] EXT4-fs (loop5): Remounting filesystem read-only
[   67.175049][ T5325] EXT4-fs (loop5): 1 truncate cleaned up
[   67.181592][ T5325] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   67.218668][ T5328] EXT4-fs (loop4): 1 truncate cleaned up
[   67.224632][ T5328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.296530][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.358607][ T5334] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.553'.
[   67.371881][ T4403] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   67.386825][ T5334] net_ratelimit: 22 callbacks suppressed
[   67.386843][ T5334] netlink: zone id is out of range
[   67.400941][ T5334] netlink: del zone limit has 8 unknown bytes
[   67.425177][ T5340] loop2: detected capacity change from 0 to 1024
[   67.432094][ T5340] EXT4-fs: Ignoring removed orlov option
[   67.440361][ T5340] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.466429][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.546439][ T5347] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   67.640438][ T5349] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5349 comm=syz.6.558
[   67.640540][ T5349] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5349 comm=syz.6.558
[   67.763214][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.877878][ T5360] loop2: detected capacity change from 0 to 1024
[   67.897496][ T5360] loop2: detected capacity change from 0 to 512
[   67.898635][ T5365] loop4: detected capacity change from 0 to 1024
[   67.900899][ T5365] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.564: Failed to acquire dquot type 0
[   67.901526][ T5360] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   67.901851][ T5365] EXT4-fs (loop4): 1 truncate cleaned up
[   67.902350][ T5365] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.060359][ T5360] EXT4-fs (loop2): orphan cleanup on readonly fs
[   68.060380][ T5360] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.562: bad orphan inode 458763
[   68.060578][ T5360] EXT4-fs (loop2): Remounting filesystem read-only
[   68.061102][ T5360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.099908][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.120468][ T5373] xt_CT: You must specify a L4 protocol and not use inversions on it
[   68.225163][ T5363] program syz.3.560 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   68.313521][ T5378] loop4: detected capacity change from 0 to 512
[   68.342943][ T5378] loop4: detected capacity change from 0 to 1024
[   68.343257][ T5378] ext4: Bad value for 'min_batch_time'
[   68.671117][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.709495][ T5409] loop2: detected capacity change from 0 to 128
[   68.716259][ T5409] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   68.728291][ T5409] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   68.794883][   T29] kauditd_printk_skb: 195 callbacks suppressed
[   68.794898][   T29] audit: type=1400 audit(1751903875.234:1648): avc:  denied  { mounton } for  pid=5406 comm="syz.6.568" path="/53/file1" dev="tmpfs" ino=308 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.823676][   T29] audit: type=1400 audit(1751903875.234:1649): avc:  denied  { mount } for  pid=5406 comm="syz.6.568" name="/" dev="ramfs" ino=11716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   68.889135][   T29] audit: type=1400 audit(1751903875.314:1650): avc:  denied  { write } for  pid=5406 comm="syz.6.568" name="event2" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   68.913054][   T29] audit: type=1400 audit(1751903875.314:1651): avc:  denied  { open } for  pid=5406 comm="syz.6.568" path="/dev/input/event2" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   68.930534][ T5410] loop6: detected capacity change from 0 to 512
[   68.957546][ T5410] EXT4-fs: Ignoring removed nomblk_io_submit option
[   69.004458][ T5410] ext4: Unknown parameter 'appraise'
[   69.031549][ T5414] netlink: 8 bytes leftover after parsing attributes in process `syz.5.570'.
[   69.042119][ T5419] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   69.166138][   T29] audit: type=1400 audit(1751903875.604:1652): avc:  denied  { create } for  pid=5420 comm="syz.4.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   69.189595][ T5421] SELinux: syz.4.571 (5421) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   69.261690][   T29] audit: type=1400 audit(1751903875.624:1653): avc:  denied  { write } for  pid=5420 comm="syz.4.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   69.281768][   T29] audit: type=1400 audit(1751903875.624:1654): avc:  denied  { nlmsg_write } for  pid=5420 comm="syz.4.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   69.360598][ T5416] loop5: detected capacity change from 0 to 8192
[   69.389050][ T5426] loop3: detected capacity change from 0 to 128
[   69.389524][   T29] audit: type=1400 audit(1751903875.754:1655): avc:  denied  { relabelfrom } for  pid=5420 comm="syz.4.571" name="" dev="pipefs" ino=11749 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   69.395730][ T5426] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   69.447461][ T5416] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   69.469662][   T29] audit: type=1400 audit(1751903875.904:1656): avc:  denied  { connect } for  pid=5423 comm="syz.2.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   69.529113][ T5426] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   69.591242][   T29] audit: type=1326 audit(1751903876.034:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5428 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b89de929 code=0x7ffc0000
[   69.664902][ T5429] SELinux: failed to load policy
[   69.709241][ T5429] netlink: 12 bytes leftover after parsing attributes in process `syz.4.575'.
[   69.793621][ T5436] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5436 comm=syz.2.577
[   69.806065][ T5436] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5436 comm=syz.2.577
[   69.905688][ T5441] loop3: detected capacity change from 0 to 512
[   69.914208][ T5441] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.582: casefold flag without casefold feature
[   69.941627][ T5445] loop4: detected capacity change from 0 to 128
[   69.949112][ T5441] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.582: couldn't read orphan inode 15 (err -117)
[   69.961992][ T5445] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   69.975974][ T5441] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.990369][ T5445] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   70.239867][ T5457] netlink: 'syz.3.582': attribute type 1 has an invalid length.
[   70.248736][ T5456] syzkaller1: entered promiscuous mode
[   70.254272][ T5456] syzkaller1: entered allmulticast mode
[   70.274311][ T5458] netlink: 'syz.5.586': attribute type 13 has an invalid length.
[   70.308365][ T5460] loop2: detected capacity change from 0 to 1024
[   70.337464][ T5460] netlink: 12 bytes leftover after parsing attributes in process `syz.2.587'.
[   71.208837][ T5473] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   71.222478][ T5458] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.229710][ T5458] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.295853][ T5458] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.307757][ T5458] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.349374][ T5458] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.358395][ T5458] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.367259][ T5458] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.376225][ T5458] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.431138][   T36] syz1: Port: 1 Link DOWN
[   71.472726][ T5478] netlink: 20 bytes leftover after parsing attributes in process `syz.2.591'.
[   71.510704][ T5481] netlink: 8 bytes leftover after parsing attributes in process `syz.4.592'.
[   71.524362][ T5482] loop5: detected capacity change from 0 to 1024
[   71.535884][ T5483] loop2: detected capacity change from 0 to 1024
[   71.556727][ T5482] EXT4-fs: Ignoring removed orlov option
[   71.566976][ T5483] EXT4-fs: Ignoring removed nobh option
[   71.572628][ T5483] EXT4-fs: inline encryption not supported
[   71.595164][ T5482] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.610085][ T5468] lo speed is unknown, defaulting to 1000
[   71.630496][ T5483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.652232][ T5484] loop4: detected capacity change from 0 to 512
[   71.670439][ T5484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   71.689393][ T5484] EXT4-fs (loop4): 1 truncate cleaned up
[   71.705751][ T5484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.725983][ T5467] lo speed is unknown, defaulting to 1000
[   71.732628][ T5483] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.591: Allocating blocks 385-513 which overlap fs metadata
[   71.748144][ T5484] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.763398][ T5483] EXT4-fs (loop2): pa ffff888106ac1770: logic 16, phys. 129, len 24
[   71.771445][ T5483] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   71.802948][ T5483] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   71.815156][ T5483] EXT4-fs (loop2): This should not happen!! Data will be lost
[   71.815156][ T5483] 
[   71.824907][ T5483] EXT4-fs (loop2): Total free blocks count 0
[   71.830910][ T5483] EXT4-fs (loop2): Free/Dirty block details
[   71.836794][ T5483] EXT4-fs (loop2): free_blocks=128
[   71.842008][ T5483] EXT4-fs (loop2): dirty_blocks=0
[   71.847022][ T5483] EXT4-fs (loop2): Block reservation details
[   71.853016][ T5483] EXT4-fs (loop2): i_reserved_data_blocks=0
[   72.249610][ T5494] netlink: 36 bytes leftover after parsing attributes in process `syz.6.595'.
[   72.317416][ T5495] loop6: detected capacity change from 0 to 1024
[   72.325158][ T5495] EXT4-fs: Ignoring removed orlov option
[   72.334555][ T5495] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.698922][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.724130][ T4403] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.765137][ T5502] loop3: detected capacity change from 0 to 128
[   72.792873][ T5502] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   72.829764][ T5502] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   72.853684][ T5504] loop5: detected capacity change from 0 to 128
[   73.021507][ T5510] Cannot find add_set index 0 as target
[   73.326205][ T5515] netlink: 14 bytes leftover after parsing attributes in process `syz.3.601'.
[   73.388352][ T5513] lo speed is unknown, defaulting to 1000
[   73.455764][ T5512] loop4: detected capacity change from 0 to 512
[   73.462467][ T5512] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.468929][ T5512] EXT4-fs: Ignoring removed bh option
[   73.475066][ T5512] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.486893][ T5512] EXT4-fs (loop4): 1 truncate cleaned up
[   73.492986][ T5512] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.593254][ T5515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   73.607236][ T5521] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   73.619687][ T4441] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.646713][ T5515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   73.684319][ T5515] bond0 (unregistering): Released all slaves
[   73.800420][ T5527] loop2: detected capacity change from 0 to 512
[   73.831770][   T29] kauditd_printk_skb: 83 callbacks suppressed
[   73.831786][   T29] audit: type=1404 audit(1751903880.274:1741): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   73.861291][ T5527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.876405][ T5528] netlink: 52 bytes leftover after parsing attributes in process `syz.5.605'.
[   73.885413][   T29] audit: type=1404 audit(1751903880.294:1742): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   73.900430][   T29] audit: type=1400 audit(1751903880.294:1743): avc:  denied  { prog_load } for  pid=5525 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   73.919514][   T29] audit: type=1400 audit(1751903880.294:1744): avc:  denied  { bpf } for  pid=5525 comm="syz.5.605" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   73.940130][   T29] audit: type=1400 audit(1751903880.294:1745): avc:  denied  { perfmon } for  pid=5525 comm="syz.5.605" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   73.961069][   T29] audit: type=1400 audit(1751903880.314:1746): avc:  denied  { create } for  pid=5525 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   73.981636][   T29] audit: type=1400 audit(1751903880.314:1747): avc:  denied  { write } for  pid=5525 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   74.010172][ T5527] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.059499][ T5527] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.093308][ T5536] loop3: detected capacity change from 0 to 736
[   74.100911][ T5537] loop5: detected capacity change from 0 to 512
[   74.116452][ T5536] rock: directory entry would overflow storage
[   74.122701][ T5536] rock: sig=0x3b10, size=4, remaining=3
[   74.138878][ T5537] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.606: casefold flag without casefold feature
[   74.171939][ T5537] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.606: couldn't read orphan inode 15 (err -117)
[   74.222389][ T5537] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.259297][   T29] audit: type=1400 audit(1751903880.454:1748): avc:  denied  { create } for  pid=5525 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   74.278848][   T29] audit: type=1400 audit(1751903880.454:1749): avc:  denied  { mount } for  pid=5526 comm="syz.2.604" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   74.300505][   T29] audit: type=1400 audit(1751903880.464:1750): avc:  denied  { write } for  pid=5525 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   74.516231][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.529810][ T5540] netlink: 'syz.5.606': attribute type 1 has an invalid length.
[   74.629722][ T5544] netlink: 8 bytes leftover after parsing attributes in process `syz.3.609'.
[   74.668281][ T5544] loop3: detected capacity change from 0 to 512
[   74.675412][ T5544] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   74.688679][ T5544] EXT4-fs (loop3): 1 truncate cleaned up
[   74.694906][ T5544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.708846][ T5544] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.936122][    C0] ==================================================================
[   74.944234][    C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv
[   74.951440][    C0] 
[   74.953758][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
[   74.961825][    C0]  can_can_gw_rcv+0x807/0x820
[   74.966516][    C0]  can_rcv_filter+0xc7/0x4f0
[   74.971117][    C0]  can_receive+0x163/0x1c0
[   74.975546][    C0]  can_rcv+0xed/0x190
[   74.979544][    C0]  __netif_receive_skb+0x11d/0x270
[   74.984666][    C0]  process_backlog+0x229/0x420
[   74.989445][    C0]  __napi_poll+0x66/0x3a0
[   74.993783][    C0]  net_rx_action+0x391/0x830
[   74.998382][    C0]  handle_softirqs+0xba/0x290
[   75.003066][    C0]  __irq_exit_rcu+0x3a/0xc0
[   75.007576][    C0]  sysvec_apic_timer_interrupt+0x74/0x80
[   75.013228][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.019216][    C0]  finish_task_switch+0xb6/0x2b0
[   75.024160][    C0]  __schedule+0x6a8/0xb30
[   75.028496][    C0]  schedule+0x5f/0xd0
[   75.032485][    C0]  schedule_timeout+0x53/0x170
[   75.037247][    C0]  unix_wait_for_peer+0x113/0x170
[   75.042280][    C0]  unix_dgram_sendmsg+0x87f/0xfa0
[   75.047315][    C0]  __sock_sendmsg+0x145/0x180
[   75.052002][    C0]  ____sys_sendmsg+0x345/0x4e0
[   75.056780][    C0]  ___sys_sendmsg+0x17b/0x1d0
[   75.061476][    C0]  __sys_sendmmsg+0x178/0x300
[   75.066177][    C0]  __x64_sys_sendmmsg+0x57/0x70
[   75.071051][    C0]  x64_sys_call+0x2f2f/0x2fb0
[   75.075733][    C0]  do_syscall_64+0xd2/0x200
[   75.080250][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.086147][    C0] 
[   75.088470][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
[   75.096532][    C0]  can_can_gw_rcv+0x807/0x820
[   75.101229][    C0]  can_rcv_filter+0xc7/0x4f0
[   75.105837][    C0]  can_receive+0x163/0x1c0
[   75.110271][    C0]  can_rcv+0xed/0x190
[   75.114266][    C0]  __netif_receive_skb+0x11d/0x270
[   75.119378][    C0]  process_backlog+0x229/0x420
[   75.124173][    C0]  __napi_poll+0x66/0x3a0
[   75.128504][    C0]  net_rx_action+0x391/0x830
[   75.133101][    C0]  handle_softirqs+0xba/0x290
[   75.137787][    C0]  __irq_exit_rcu+0x3a/0xc0
[   75.142297][    C0]  sysvec_apic_timer_interrupt+0x74/0x80
[   75.147938][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.153925][    C0]  __sanitizer_cov_trace_pc+0x18/0x70
[   75.159316][    C0]  scm_recv_unix+0x2d/0x220
[   75.163824][    C0]  __unix_dgram_recvmsg+0x74f/0x840
[   75.169039][    C0]  unix_dgram_recvmsg+0x81/0x90
[   75.173906][    C0]  sock_recvmsg_nosec+0x104/0x130
[   75.178943][    C0]  ____sys_recvmsg+0x26f/0x280
[   75.183722][    C0]  ___sys_recvmsg+0x11f/0x370
[   75.188416][    C0]  do_recvmmsg+0x1ef/0x540
[   75.192838][    C0]  __x64_sys_recvmmsg+0xe5/0x170
[   75.197778][    C0]  x64_sys_call+0x1c6a/0x2fb0
[   75.202466][    C0]  do_syscall_64+0xd2/0x200
[   75.206988][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.212890][    C0] 
[   75.215203][    C0] value changed: 0x00158134 -> 0x00158135
[   75.220920][    C0] 
[   75.223238][    C0] Reported by Kernel Concurrency Sanitizer on:
[   75.229391][    C0] CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   75.239988][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.250059][    C0] ==================================================================
[   75.261480][ T5548] loop4: detected capacity change from 0 to 1024
[   75.269137][ T5548] EXT4-fs: Ignoring removed orlov option
[   75.279368][ T5550] loop6: detected capacity change from 0 to 128
[   75.355070][    C0] ==================================================================
[   75.363200][    C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter
[   75.370426][    C0] 
[   75.372744][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
[   75.380809][    C0]  can_rcv_filter+0xd9/0x4f0
[   75.385399][    C0]  can_receive+0x163/0x1c0
[   75.389817][    C0]  can_rcv+0xed/0x190
[   75.393813][    C0]  __netif_receive_skb+0x11d/0x270
[   75.398937][    C0]  process_backlog+0x229/0x420
[   75.403705][    C0]  __napi_poll+0x66/0x3a0
[   75.408037][    C0]  net_rx_action+0x391/0x830
[   75.412626][    C0]  handle_softirqs+0xba/0x290
[   75.417305][    C0]  do_softirq+0x5d/0x90
[   75.421452][    C0]  __local_bh_enable_ip+0x70/0x80
[   75.426477][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   75.431409][    C0]  lock_sock_nested+0x112/0x140
[   75.436263][    C0]  sockopt_lock_sock+0x42/0x50
[   75.441028][    C0]  do_ip_getsockopt+0xa85/0xfe0
[   75.445907][    C0]  ip_getsockopt+0x5c/0x180
[   75.450409][    C0]  tcp_getsockopt+0xaa/0xe0
[   75.454929][    C0]  sock_common_getsockopt+0x5d/0x70
[   75.460137][    C0]  do_sock_getsockopt+0x200/0x240
[   75.465176][    C0]  __x64_sys_getsockopt+0x11e/0x1a0
[   75.470388][    C0]  x64_sys_call+0x12aa/0x2fb0
[   75.475073][    C0]  do_syscall_64+0xd2/0x200
[   75.479588][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.485485][    C0] 
[   75.487797][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
[   75.495848][    C0]  can_rcv_filter+0xd9/0x4f0
[   75.500442][    C0]  can_receive+0x163/0x1c0
[   75.504870][    C0]  can_rcv+0xed/0x190
[   75.508868][    C0]  __netif_receive_skb+0x11d/0x270
[   75.513991][    C0]  process_backlog+0x229/0x420
[   75.518762][    C0]  __napi_poll+0x66/0x3a0
[   75.523096][    C0]  net_rx_action+0x391/0x830
[   75.527688][    C0]  handle_softirqs+0xba/0x290
[   75.532358][    C0]  __irq_exit_rcu+0x3a/0xc0
[   75.536858][    C0]  sysvec_apic_timer_interrupt+0x74/0x80
[   75.542522][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.548508][    C0]  __sanitizer_cov_trace_pc+0x4a/0x70
[   75.553903][    C0]  pid_vnr+0xa9/0x100
[   75.557884][    C0]  __unix_dgram_recvmsg+0x5e3/0x840
[   75.563109][    C0]  unix_dgram_recvmsg+0x81/0x90
[   75.567977][    C0]  sock_recvmsg_nosec+0x104/0x130
[   75.573005][    C0]  ____sys_recvmsg+0x26f/0x280
[   75.577785][    C0]  ___sys_recvmsg+0x11f/0x370
[   75.582465][    C0]  do_recvmmsg+0x1ef/0x540
[   75.586879][    C0]  __x64_sys_recvmmsg+0xe5/0x170
[   75.591815][    C0]  x64_sys_call+0x1c6a/0x2fb0
[   75.596496][    C0]  do_syscall_64+0xd2/0x200
[   75.601093][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.606981][    C0] 
[   75.609295][    C0] value changed: 0x0000000000161403 -> 0x0000000000161404
[   75.616386][    C0] 
[   75.618696][    C0] Reported by Kernel Concurrency Sanitizer on:
[   75.624846][    C0] CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   75.635473][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.645534][    C0] ==================================================================
[   75.898783][ T5548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.367165][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.740986][ T5550] syz.6.603: attempt to access beyond end of device
[   77.740986][ T5550] loop6: rw=0, sector=97, nr_sectors = 120 limit=128
[   77.940334][    C1] ==================================================================
[   77.948446][    C1] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv
[   77.955659][    C1] 
[   77.957978][    C1] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
[   77.966036][    C1]  can_can_gw_rcv+0x807/0x820
[   77.970725][    C1]  can_rcv_filter+0xc7/0x4f0
[   77.975334][    C1]  can_receive+0x163/0x1c0
[   77.979768][    C1]  can_rcv+0xed/0x190
[   77.983764][    C1]  __netif_receive_skb+0x11d/0x270
[   77.988884][    C1]  process_backlog+0x229/0x420
[   77.993660][    C1]  __napi_poll+0x66/0x3a0
[   77.997997][    C1]  net_rx_action+0x391/0x830
[   78.002604][    C1]  handle_softirqs+0xba/0x290
[   78.007286][    C1]  __irq_exit_rcu+0x3a/0xc0
[   78.011788][    C1]  sysvec_apic_timer_interrupt+0x74/0x80
[   78.017433][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   78.023432][    C1]  ___sys_recvmsg+0x74/0x370
[   78.028048][    C1]  do_recvmmsg+0x1ef/0x540
[   78.032472][    C1]  __x64_sys_recvmmsg+0xe5/0x170
[   78.037423][    C1]  x64_sys_call+0x1c6a/0x2fb0
[   78.042111][    C1]  do_syscall_64+0xd2/0x200
[   78.046639][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.052531][    C1] 
[   78.054847][    C1] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
[   78.062908][    C1]  can_can_gw_rcv+0x807/0x820
[   78.067589][    C1]  can_rcv_filter+0xc7/0x4f0
[   78.072196][    C1]  can_receive+0x163/0x1c0
[   78.076626][    C1]  can_rcv+0xed/0x190
[   78.080612][    C1]  __netif_receive_skb+0x11d/0x270
[   78.085725][    C1]  process_backlog+0x229/0x420
[   78.090499][    C1]  __napi_poll+0x66/0x3a0
[   78.094831][    C1]  net_rx_action+0x391/0x830
[   78.099430][    C1]  handle_softirqs+0xba/0x290
[   78.104107][    C1]  do_softirq+0x5d/0x90
[   78.108267][    C1]  __local_bh_enable_ip+0x70/0x80
[   78.113299][    C1]  _raw_spin_unlock_bh+0x36/0x40
[   78.118249][    C1]  lock_sock_nested+0x112/0x140
[   78.123112][    C1]  tcp_recvmsg+0x114/0x490
[   78.127541][    C1]  inet_recvmsg+0xb7/0x290
[   78.131985][    C1]  sock_recvmsg+0xf6/0x170
[   78.136418][    C1]  sock_read_iter+0x152/0x1a0
[   78.141101][    C1]  vfs_read+0x5ca/0x6f0
[   78.145279][    C1]  ksys_read+0xda/0x1a0
[   78.149451][    C1]  __x64_sys_read+0x40/0x50
[   78.153974][    C1]  x64_sys_call+0x2d77/0x2fb0
[   78.158668][    C1]  do_syscall_64+0xd2/0x200
[   78.163186][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.169092][    C1] 
[   78.171420][    C1] value changed: 0x001ab060 -> 0x001ab061
[   78.177141][    C1] 
[   78.179461][    C1] Reported by Kernel Concurrency Sanitizer on:
[   78.185618][    C1] CPU: 1 UID: 0 PID: 3290 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   78.196496][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.206559][    C1] ==================================================================
[   78.375946][    C0] ==================================================================
[   78.384075][    C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter
[   78.391301][    C0] 
[   78.393626][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
[   78.401692][    C0]  can_rcv_filter+0xd9/0x4f0
[   78.406300][    C0]  can_receive+0x163/0x1c0
[   78.410736][    C0]  can_rcv+0xed/0x190
[   78.414734][    C0]  __netif_receive_skb+0x11d/0x270
[   78.419854][    C0]  process_backlog+0x229/0x420
[   78.424634][    C0]  __napi_poll+0x66/0x3a0
[   78.428979][    C0]  net_rx_action+0x391/0x830
[   78.433592][    C0]  handle_softirqs+0xba/0x290
[   78.438293][    C0]  do_softirq+0x5d/0x90
[   78.442457][    C0]  __local_bh_enable_ip+0x70/0x80
[   78.447492][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   78.452446][    C0]  lock_sock_nested+0x112/0x140
[   78.457310][    C0]  sockopt_lock_sock+0x42/0x50
[   78.462091][    C0]  do_ip_getsockopt+0xa85/0xfe0
[   78.466956][    C0]  ip_getsockopt+0x5c/0x180
[   78.471477][    C0]  tcp_getsockopt+0xaa/0xe0
[   78.475998][    C0]  sock_common_getsockopt+0x5d/0x70
[   78.481207][    C0]  do_sock_getsockopt+0x200/0x240
[   78.486248][    C0]  __x64_sys_getsockopt+0x11e/0x1a0
[   78.491462][    C0]  x64_sys_call+0x12aa/0x2fb0
[   78.496155][    C0]  do_syscall_64+0xd2/0x200
[   78.500674][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.506572][    C0] 
[   78.508890][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
[   78.516955][    C0]  can_rcv_filter+0xd9/0x4f0
[   78.521562][    C0]  can_receive+0x163/0x1c0
[   78.525991][    C0]  can_rcv+0xed/0x190
[   78.529987][    C0]  __netif_receive_skb+0x11d/0x270
[   78.535105][    C0]  process_backlog+0x229/0x420
[   78.539884][    C0]  __napi_poll+0x66/0x3a0
[   78.544214][    C0]  net_rx_action+0x391/0x830
[   78.548809][    C0]  handle_softirqs+0xba/0x290
[   78.553491][    C0]  __irq_exit_rcu+0x3a/0xc0
[   78.558005][    C0]  sysvec_apic_timer_interrupt+0x74/0x80
[   78.563664][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   78.569655][    C0]  __tsan_unaligned_write1+0x111/0x180
[   78.575134][    C0]  __import_iovec+0x2b3/0x540
[   78.579820][    C0]  import_iovec+0x61/0x80
[   78.584165][    C0]  ___sys_recvmsg+0x358/0x370
[   78.588864][    C0]  do_recvmmsg+0x1ef/0x540
[   78.593282][    C0]  __x64_sys_recvmmsg+0xe5/0x170
[   78.598224][    C0]  x64_sys_call+0x1c6a/0x2fb0
[   78.602911][    C0]  do_syscall_64+0xd2/0x200
[   78.607434][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.613335][    C0] 
[   78.615652][    C0] value changed: 0x00000000001b6847 -> 0x00000000001b6848
[   78.622760][    C0] 
[   78.625084][    C0] Reported by Kernel Concurrency Sanitizer on:
[   78.631235][    C0] CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   78.641831][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.651894][    C0] ==================================================================
[   80.608481][ T4403] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.964595][    C0] ==================================================================
[   80.972707][    C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv
[   80.979913][    C0] 
[   80.982233][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
[   80.990296][    C0]  can_can_gw_rcv+0x807/0x820
[   80.994980][    C0]  can_rcv_filter+0xc7/0x4f0
[   80.999580][    C0]  can_receive+0x163/0x1c0
[   81.004007][    C0]  can_rcv+0xed/0x190
[   81.007999][    C0]  __netif_receive_skb+0x11d/0x270
[   81.013116][    C0]  process_backlog+0x229/0x420
[   81.017886][    C0]  __napi_poll+0x66/0x3a0
[   81.022220][    C0]  net_rx_action+0x391/0x830
[   81.026818][    C0]  handle_softirqs+0xba/0x290
[   81.031499][    C0]  run_ksoftirqd+0x1c/0x30
[   81.035925][    C0]  smpboot_thread_fn+0x32b/0x530
[   81.040893][    C0]  kthread+0x486/0x510
[   81.044968][    C0]  ret_from_fork+0xda/0x150
[   81.049482][    C0]  ret_from_fork_asm+0x1a/0x30
[   81.054256][    C0] 
[   81.056574][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
[   81.064642][    C0]  can_can_gw_rcv+0x807/0x820
[   81.069328][    C0]  can_rcv_filter+0xc7/0x4f0
[   81.073935][    C0]  can_receive+0x163/0x1c0
[   81.078371][    C0]  can_rcv+0xed/0x190
[   81.082367][    C0]  __netif_receive_skb+0x11d/0x270
[   81.087490][    C0]  process_backlog+0x229/0x420
[   81.092262][    C0]  __napi_poll+0x66/0x3a0
[   81.096592][    C0]  net_rx_action+0x391/0x830
[   81.101187][    C0]  handle_softirqs+0xba/0x290
[   81.105868][    C0]  do_softirq+0x5d/0x90
[   81.110032][    C0]  __local_bh_enable_ip+0x70/0x80
[   81.115058][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   81.120003][    C0]  nsim_dev_trap_report_work+0x52b/0x630
[   81.125644][    C0]  process_scheduled_works+0x4ce/0x9d0
[   81.131117][    C0]  worker_thread+0x582/0x770
[   81.135720][    C0]  kthread+0x486/0x510
[   81.139790][    C0]  ret_from_fork+0xda/0x150
[   81.144294][    C0]  ret_from_fork_asm+0x1a/0x30
[   81.149065][    C0] 
[   81.151389][    C0] value changed: 0x00205780 -> 0x00205781
[   81.157102][    C0] 
[   81.159423][    C0] Reported by Kernel Concurrency Sanitizer on:
[   81.165588][    C0] CPU: 0 UID: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   81.176275][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.186331][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[   81.193109][    C0] ==================================================================
[   81.397562][    C0] ==================================================================
[   81.405677][    C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter
[   81.412906][    C0] 
[   81.415227][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
[   81.423301][    C0]  can_rcv_filter+0xd9/0x4f0
[   81.427907][    C0]  can_receive+0x163/0x1c0
[   81.432331][    C0]  can_rcv+0xed/0x190
[   81.436320][    C0]  __netif_receive_skb+0x11d/0x270
[   81.441441][    C0]  process_backlog+0x229/0x420
[   81.446211][    C0]  __napi_poll+0x66/0x3a0
[   81.450547][    C0]  net_rx_action+0x391/0x830
[   81.455143][    C0]  handle_softirqs+0xba/0x290
[   81.459825][    C0]  do_softirq+0x5d/0x90
[   81.463983][    C0]  __local_bh_enable_ip+0x70/0x80
[   81.469011][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   81.473956][    C0]  batadv_nc_purge_paths+0x22b/0x270
[   81.479251][    C0]  batadv_nc_worker+0x3ff/0xae0
[   81.484111][    C0]  process_scheduled_works+0x4ce/0x9d0
[   81.489584][    C0]  worker_thread+0x582/0x770
[   81.494189][    C0]  kthread+0x486/0x510
[   81.498259][    C0]  ret_from_fork+0xda/0x150
[   81.502769][    C0]  ret_from_fork_asm+0x1a/0x30
[   81.507537][    C0] 
[   81.509857][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
[   81.517925][    C0]  can_rcv_filter+0xd9/0x4f0
[   81.522529][    C0]  can_receive+0x163/0x1c0
[   81.526960][    C0]  can_rcv+0xed/0x190
[   81.530951][    C0]  __netif_receive_skb+0x11d/0x270
[   81.536066][    C0]  process_backlog+0x229/0x420
[   81.540836][    C0]  __napi_poll+0x66/0x3a0
[   81.545163][    C0]  net_rx_action+0x391/0x830
[   81.549757][    C0]  handle_softirqs+0xba/0x290
[   81.554444][    C0]  run_ksoftirqd+0x1c/0x30
[   81.558869][    C0]  smpboot_thread_fn+0x32b/0x530
[   81.563826][    C0]  kthread+0x486/0x510
[   81.567898][    C0]  ret_from_fork+0xda/0x150
[   81.572407][    C0]  ret_from_fork_asm+0x1a/0x30
[   81.577188][    C0] 
[   81.579508][    C0] value changed: 0x00000000002118e9 -> 0x00000000002118ea
[   81.586612][    C0] 
[   81.588932][    C0] Reported by Kernel Concurrency Sanitizer on:
[   81.595078][    C0] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   81.605672][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.615731][    C0] ==================================================================
[   83.977364][    C0] ==================================================================
[   83.985494][    C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv
[   83.992705][    C0] 
[   83.995026][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
[   84.003093][    C0]  can_can_gw_rcv+0x807/0x820
[   84.007780][    C0]  can_rcv_filter+0xc7/0x4f0
[   84.012385][    C0]  can_receive+0x163/0x1c0
[   84.016818][    C0]  can_rcv+0xed/0x190
[   84.020814][    C0]  __netif_receive_skb+0x11d/0x270
[   84.025930][    C0]  process_backlog+0x229/0x420
[   84.030698][    C0]  __napi_poll+0x66/0x3a0
[   84.035027][    C0]  net_rx_action+0x391/0x830
[   84.039618][    C0]  handle_softirqs+0xba/0x290
[   84.044300][    C0]  do_softirq+0x5d/0x90
[   84.048456][    C0]  __local_bh_enable_ip+0x70/0x80
[   84.053488][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   84.058438][    C0]  batadv_dat_purge+0x1e3/0x270
[   84.063300][    C0]  process_scheduled_works+0x4ce/0x9d0
[   84.068772][    C0]  worker_thread+0x582/0x770
[   84.073375][    C0]  kthread+0x486/0x510
[   84.077454][    C0]  ret_from_fork+0xda/0x150
[   84.081966][    C0]  ret_from_fork_asm+0x1a/0x30
[   84.086737][    C0] 
[   84.089048][    C0] read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
[   84.097110][    C0]  can_can_gw_rcv+0x807/0x820
[   84.101794][    C0]  can_rcv_filter+0xc7/0x4f0
[   84.106392][    C0]  can_receive+0x163/0x1c0
[   84.110819][    C0]  can_rcv+0xed/0x190
[   84.114812][    C0]  __netif_receive_skb+0x11d/0x270
[   84.119927][    C0]  process_backlog+0x229/0x420
[   84.124691][    C0]  __napi_poll+0x66/0x3a0
[   84.129020][    C0]  net_rx_action+0x391/0x830
[   84.133612][    C0]  handle_softirqs+0xba/0x290
[   84.138301][    C0]  do_softirq+0x5d/0x90
[   84.142467][    C0]  __local_bh_enable_ip+0x70/0x80
[   84.147501][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   84.152460][    C0]  nsim_dev_trap_report_work+0x52b/0x630
[   84.158103][    C0]  process_scheduled_works+0x4ce/0x9d0
[   84.163580][    C0]  worker_thread+0x582/0x770
[   84.168186][    C0]  kthread+0x486/0x510
[   84.172265][    C0]  ret_from_fork+0xda/0x150
[   84.176765][    C0]  ret_from_fork_asm+0x1a/0x30
[   84.181540][    C0] 
[   84.183861][    C0] value changed: 0x0026683f -> 0x00266840
[   84.189578][    C0] 
[   84.191896][    C0] Reported by Kernel Concurrency Sanitizer on:
[   84.198049][    C0] CPU: 0 UID: 0 PID: 31 Comm: kworker/u8:1 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   84.208736][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   84.218793][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[   84.225566][    C0] ==================================================================
[   84.398758][    C0] ==================================================================
[   84.406866][    C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter
[   84.414086][    C0] 
[   84.416403][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
[   84.424468][    C0]  can_rcv_filter+0xd9/0x4f0
[   84.429067][    C0]  can_receive+0x163/0x1c0
[   84.433504][    C0]  can_rcv+0xed/0x190
[   84.437504][    C0]  __netif_receive_skb+0x11d/0x270
[   84.442626][    C0]  process_backlog+0x229/0x420
[   84.447391][    C0]  __napi_poll+0x66/0x3a0
[   84.451725][    C0]  net_rx_action+0x391/0x830
[   84.456325][    C0]  handle_softirqs+0xba/0x290
[   84.461007][    C0]  do_softirq+0x5d/0x90
[   84.465165][    C0]  __local_bh_enable_ip+0x70/0x80
[   84.470226][    C0]  _raw_spin_unlock_bh+0x36/0x40
[   84.475166][    C0]  batadv_dat_purge+0x1e3/0x270
[   84.480022][    C0]  process_scheduled_works+0x4ce/0x9d0
[   84.485498][    C0]  worker_thread+0x582/0x770
[   84.490096][    C0]  kthread+0x486/0x510
[   84.494164][    C0]  ret_from_fork+0xda/0x150
[   84.498691][    C0]  ret_from_fork_asm+0x1a/0x30
[   84.503473][    C0] 
[   84.505797][    C0] read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
[   84.513877][    C0]  can_rcv_filter+0xd9/0x4f0
[   84.518496][    C0]  can_receive+0x163/0x1c0
[   84.522921][    C0]  can_rcv+0xed/0x190
[   84.526928][    C0]  __netif_receive_skb+0x11d/0x270
[   84.532060][    C0]  process_backlog+0x229/0x420
[   84.536833][    C0]  __napi_poll+0x66/0x3a0
[   84.541174][    C0]  net_rx_action+0x391/0x830
[   84.545774][    C0]  handle_softirqs+0xba/0x290
[   84.550457][    C0]  run_ksoftirqd+0x1c/0x30
[   84.554882][    C0]  smpboot_thread_fn+0x32b/0x530
[   84.559828][    C0]  kthread+0x486/0x510
[   84.563904][    C0]  ret_from_fork+0xda/0x150
[   84.568413][    C0]  ret_from_fork_asm+0x1a/0x30
[   84.573185][    C0] 
[   84.575504][    C0] value changed: 0x0000000000271e8a -> 0x0000000000271e8b
[   84.582603][    C0] 
[   84.584923][    C0] Reported by Kernel Concurrency Sanitizer on:
[   84.591077][    C0] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   84.601667][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   84.611723][    C0] ==================================================================