last executing test programs:

24m44.443705873s ago: executing program 32 (id=208):
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x6, &(0x7f0000000000)=0x9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000117000/0x2000)=nil, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

20m37.342425291s ago: executing program 33 (id=4246):
r0 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
write$selinux_access(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73"], 0x56)

20m25.390707999s ago: executing program 34 (id=4469):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x88200, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2, <r3=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1005, &(0x7f00000014c0)=""/4101, 0x0, 0xc}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4, 0x0, 0x7}, 0x18)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
r6 = syz_open_pts(r0, 0x40001)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000000)=0x6)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x7, 0x80, 0x9, 0x110, 0x1b, "96010000000000000000000000000000000008"})

20m22.781193098s ago: executing program 35 (id=4502):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

20m16.821481096s ago: executing program 36 (id=4624):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x34, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x1}]}, 0x34}}, 0x0)

20m5.371772366s ago: executing program 37 (id=4891):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

20m4.114557025s ago: executing program 38 (id=4566):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) (async)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x19a)
pipe2$9p(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}}) (async)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x442302, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
close(r4) (async)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0x21, 0x0, 0x0)
sendmmsg$inet(r5, 0x0, 0x0, 0x4) (async, rerun: 32)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async, rerun: 32)
listen(0xffffffffffffffff, 0xfffffffc) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
syz_emit_ethernet(0x7a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaabb424e1aa2e0d408004900006c00000001001190780a010101ac141429070fdbe0000001ffffffffffffffff0000004e200048907803000000000000006d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8ddec71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c6007b4a160ba9910d5c4a648a4830e789db4f40857ef4b2cce1ca80861fce88ad8442f0db4c1dfb4b70e98febebc9376b02f7f9961798d458b79d55cf72dd7c23a810747ebe5d58cdd0ebdc67574aa06c8364ac85a7ae51d65c56904560f0d7f6a8d5fe13ece5bdb98eb1bb77e6d70f9c8e8d4eb9823747a603755d37e81d4ee1794a78769792454"], 0x0) (async, rerun: 64)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) (async, rerun: 64)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x4e0, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0x46c, 0x2, [@TCA_FW_POLICE={0x468, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0x10}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3ff, 0x1, 0xf, 0x1, 0x0, {0x1, 0x0, 0x6, 0x7, 0x3993, 0x8}, {0xef, 0x0, 0x9, 0x6, 0x6, 0x5565}, 0xa9d, 0xd3, 0x1}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x4}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x432, 0x1, 0x800, 0x6, 0x10000, 0x7fff, 0x0, 0x58a5, 0xf5, 0x10, 0x8f1, 0x5, 0x3, 0x1, 0xd, 0x52479052, 0x6, 0x1, 0x2, 0x7, 0x8001, 0x2, 0x9, 0x10, 0x7, 0x6, 0x3ff, 0x6, 0xfffffffd, 0xff, 0x8, 0x3, 0xa03b, 0x7, 0x7, 0xc, 0x5, 0x8, 0x10, 0x95, 0xfffffff9, 0x10000, 0x5, 0x6, 0x4, 0xa8a1, 0x7, 0x8, 0x6, 0x8, 0x7, 0x7, 0x191d, 0x4, 0x8, 0x8, 0x1, 0x4, 0x0, 0xb, 0x5, 0x4, 0x6, 0x1, 0x6, 0x5, 0xc, 0x80000000, 0x1, 0x87, 0x80000001, 0xffff, 0x0, 0x4, 0x6, 0x7980df19, 0x30, 0x6, 0x9, 0xd, 0x2, 0x20000000, 0x724, 0x9, 0xc, 0x8, 0x0, 0x81, 0xfff, 0x100, 0x7fffffff, 0xbde, 0x0, 0xe, 0x8, 0x8, 0x1, 0x401, 0x8000, 0x57a4, 0x7, 0x101, 0x1, 0x4, 0x7, 0x8, 0x9e, 0x9, 0x0, 0x6, 0xc, 0x5, 0x4, 0x8, 0x2, 0x2, 0xfff, 0x6762, 0x5, 0xadf, 0x401, 0x0, 0xaa2, 0x4, 0x80000000, 0x3, 0xff, 0x8, 0xa6, 0xfffffe00, 0x8, 0x55df088e, 0x5, 0x35, 0xf, 0x9, 0x2, 0x7, 0x5, 0x6a1f, 0x4, 0x649a901e, 0x400, 0x8, 0x1, 0x7, 0x100, 0x1ff, 0x6, 0x7, 0x5, 0x4, 0x7, 0x4, 0x8, 0xc1, 0x800, 0x3, 0x85, 0x8, 0x2, 0xa3, 0x7fff, 0x40, 0x1, 0x20000000, 0x9, 0x0, 0x10000, 0x3, 0x6, 0xf1, 0xffffffd7, 0xffff, 0x3, 0x0, 0x9, 0x3, 0xee1, 0x1, 0xfffffffd, 0x6, 0x4, 0x100, 0x9, 0x925f, 0x6, 0x0, 0x4, 0x1, 0x3, 0x9, 0x5d, 0x9000, 0x3ff, 0x7fff, 0x3, 0x1, 0xe8, 0xce, 0xfff, 0x9, 0x0, 0x4, 0x40, 0x12, 0x8, 0x301, 0x8, 0xdffffff8, 0x5, 0x3, 0x8, 0x80000000, 0x0, 0x4, 0xc625, 0x6, 0xb, 0x8, 0x400, 0x7fff, 0x1, 0x1, 0x4, 0xd3b, 0x39, 0x5, 0x6, 0x3, 0x1, 0x6, 0x1a, 0x6, 0x7ff, 0x4, 0x7f, 0x9, 0x1, 0x5, 0x3, 0xd2076200, 0x138a, 0x9, 0x10000, 0x8, 0x2, 0x101, 0x2, 0x80000000, 0x1, 0x1, 0xa, 0x7, 0xd, 0x80000001]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x28, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}]}}, @filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x4e0}, 0x1, 0x0, 0x0, 0x81}, 0x200000c0)
r8 = socket(0x10, 0x803, 0x0)
sendto(r8, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r8, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', r7, 0x0, 0x6}, 0x18) (rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00'}, 0x18) (async)
pselect6(0x40, &(0x7f0000000840)={0x4, 0x2, 0x3, 0x200fd78, 0x80000001, 0x100000001, 0x7, 0x8001000000000000}, &(0x7f0000000880)={0x7, 0x8, 0x8, 0x1, 0x3, 0x2, 0x4, 0x100000001}, 0x0, 0x0, &(0x7f0000000980)={&(0x7f00000001c0)={[0x6]}, 0x8}) (async, rerun: 64)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) (async, rerun: 64)
creat(0x0, 0x9c)

16m25.527397888s ago: executing program 39 (id=8793):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000080000000900000805000000", @ANYRES32=0x1], 0x50)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000780)={0x2c, 0x1e, '\x00', [@generic={0xe4, 0xc0, "a9fc5be63dac890163b7aa03d9381988dcf2efae39500c84fc96737ba97d5f893c20843c3dc17b35d8f49b2f16eb0a583afc3438e9e2849d8e251e5d361b7d21ec98e4e5952b9f59a05d19e283af30892f9d27b15fdf94cc08c9a5918a9d69aafc9a5f33a90a1806ed914cf090fa24350b19896e620eff59c395b6caed3698b46057d81edfc84f25d3c56d9bde4bb17b9485a29932725c41410e55bb1370edb5c796de3b9aac8580b96f0622d85862f4fde8e7bda9ca4b093992084d8a689ba2"}, @calipso={0x7, 0x10, {0x0, 0x2, 0x2, 0x9, [0x100000001]}}, @jumbo={0xc2, 0x4, 0xb07c}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @pad1, @pad1]}, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000003000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000e514e790aa7a122500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000740)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0xe, &(0x7f0000000040)=ANY=[@ANYBLOB="aaabaaaaaaaaaaaaaaaaaa008863"], 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r4, 0x0, 0x80001}, 0x18)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r5, 0x5425, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCGPGRP(r5, 0x5437, 0x0)

13m56.698982353s ago: executing program 40 (id=10509):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vxcan1\x00', <r4=>0x0})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r5)
sendmsg$NL802154_CMD_NEW_INTERFACE(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)={0x34, r6, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0302}}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x300048c0)
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r4, 0x3}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000180)={0x6, 0x7ff, 0x0, 'queue0\x00', 0x3})
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) (async)
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vxcan1\x00'}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r5) (async)
sendmsg$NL802154_CMD_NEW_INTERFACE(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)={0x34, r6, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0302}}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x300048c0) (async)
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r4, 0x3}, 0x18) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
flock(r7, 0x2) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000180)={0x6, 0x7ff, 0x0, 'queue0\x00', 0x3}) (async)

8m50.949676349s ago: executing program 41 (id=14654):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
symlink(0x0, 0x0)

8m40.04003893s ago: executing program 42 (id=14821):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a09040000000000000000020000000900010073797a30000000000900020073797a3200000000400004843c0001800b00010065787468647200002c000280080003400000008a080007400000000e080006400000000105000220940000000800044000000095140000001100010000000000000000000000000a"], 0x94}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = open_tree(r1, &(0x7f0000000240)='./file1\x00', 0x1000)
sendmsg$rds(r2, &(0x7f0000000b80)={&(0x7f0000000300)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000740)=""/250, 0xfa}, {&(0x7f0000000840)=""/229, 0xe5}, {&(0x7f0000000940)=""/223, 0xdf}, {&(0x7f0000000a40)=""/184, 0xb8}], 0x4, &(0x7f0000000b00)=[@mask_cswp={0x58, 0x114, 0x9, {{0xfffffffb, 0x1}, &(0x7f0000000480), &(0x7f0000000640)=0x2, 0x2, 0x10001, 0xfffffffffffffff9, 0x8, 0x0, 0x100000000000003}}], 0x58, 0x4}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x6}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r8, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

8m11.534609291s ago: executing program 43 (id=15310):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x13)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x48, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x48, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_STOP_UNIT(r3, 0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x30, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4c6, &(0x7f00000011c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60490000000000000000000000000000000000000fe8000000000000000000000000000aa004e000000000000c20400007fff08f1e4b4a48ed75a1a0fa72a4ef1293f817a503cff67ededd9a9c12f45a1ebd52100d383a3b7a81da84591482087b219d320c22fa1a7438821bbab9f65e7760499faaefed47faeabc94d611f9fd01daf9b8d354a1b791fdd98dd1620fa601e1a79851719a1643537bf659f08d649a3c20647215e8d0f554cdb831fcc9fa708b4c82ce03df91fdb87879dd783d27c69548e27ff22a451aa287be02ef8c81aa816772632ed70169cf841298668e1592294090de557617b38f5cf7e63466e9889368756d133379ff9013b181bc20602a296c9b4a3b67a7a9c1e7f74ff442d988257d455d03880955643a59c42fd4321dc2906d106074800000003100002005e000000000000000200000000000000080000000000000006000000000000005c9c000000000000ffffffffffffffff0700000000000000010000000000000005029000c2040000000801f6c3f6485ddfef6e90d13c29e46953be3975f887875c52a8b017390f031125303dbd0655e1966e0b5ff6911160d802bf6367b4ea66096bfdd812938093e7aa713abe96dac313328bba8ef90ec93599458b15d360ab4cc6bdef7158063cbed65753a725b0b1181be4ebfda0277888b69fc6045472f25433866da710c118b41265f25e5827fbf0537be11e90555df625f3195deda13358b8c41bbc39f2b9ead3472c4c162529d87d0d445e72e23112c1c95785df2146abe8fccef1c4d485bc43c77654820df189d5a2c9a58e732cd4124cf3ec6046dcbaceaa695b010f6a15d39b55d9153f0a96ae7b02bc46237afbf0c541c93809282dd40401000723e29a0fd4a39bb7cd89b369d488ccbf8a84ded1d42235601384fe79fbe9886721c609d70502000200000000000000620b00000000000001080000000000000000c910fc01000000000000000000000000000107100000000202af070081000000000000000001000401090718000000020405101005000000000000000300000000000000040140010700000000000000000000000000223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6757ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d2"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r4}, 0x10)
socket$rds(0x15, 0x5, 0x0) (async)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f00000000c0)=""/160, 0xa0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0) (async)
sendmsg$rds(r5, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f00000000c0)=""/160, 0xa0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)

8m11.163316147s ago: executing program 3 (id=15320):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xa000000)

8m11.101579387s ago: executing program 3 (id=15321):
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000020c0)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00'}, 0x10)

8m11.043971938s ago: executing program 44 (id=15322):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r3=>0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0xa1c406, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRESDEC], 0x1, 0x2a9, &(0x7f0000002a00)="$eJzs3M9r02AYwPGn6dZ00209CXrxQS96CbMe1UOVDcSC0q2iHoSMZVpa25EUbUUwZ0/7O4ZHb4L4D+y/8DYE2WknI22zNOu6H251nd33AyXv+z7v277JS8qTlmTz2dqb8opnrdh1MdIqhogv2yIZKcmORLhNtcupqF3uZcWXm7Nvtz4tPH/xKJfPzxVU53OLt7OqOn3127sPn699r194+mXaNGUj83LzV/bHxqWNy5u/F1+XPC2lpFqrq61LtVrdXqo4ulzyypbqk4pje46Wqp7j7oqvVGqrq021q8tTk6uu43lqV5tqSFPrNU2Hs6qqZVk6Ndkqp+UcSf31iOJ6oWDnuvW55GBnhLPAdXN2a2En9pwNxfXhzAgAAAzT/vm/EfXZyf+N3vxf5JD8/2PYa/pr3/zf0+Pn/0mJ8v+y087/625T7Vd2KZ7/40C9+f/RGP9mMjiJhB+r3N8Vct3cRP9B5P8AAAAAAAAAAAAAAAAAAAAAAPwPtoNgJgiCmdbWEJEgrJsikozV+ww9V/fWj6r4+gexlxku8AHrjxEQu3EvLfLTbxQbxUR724nPP8zPzWpb7Ma/rUajmIzitzpx3R0fl8kwnu0bT8mN6514K/bgcT4eX2sUJ2T5wJn7gzoEAAAAAACMPEsjmagxLdH1vWWpKb3x9vV7p+R3fx/Q7qOBWvExuTJ2mnsCAAAAAAD24zXfl+1KxXFPp5A8xc86dkHkeMPvBOZAppEUkagl07dPYUFk+AdqT8GUMzGNUS7cHdgbBgmRTst4+GXQcxYAAAAAGC3d64FDu17sbeDvfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuNETxEzjtZ52PsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBV/AgAA//9sVrw0")
open(&(0x7f0000000280)='./file1\x00', 0x66842, 0x121)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="400000001000030400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15020000000000002000128008000100687372001400028008000100", @ANYRES32=r2, @ANYBLOB="08000200", @ANYRES32=r3], 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10)

8m11.028003218s ago: executing program 3 (id=15325):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x6}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

8m10.92717092s ago: executing program 3 (id=15326):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='devlink_hwerr\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
tkill(0x0, 0x11)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00')

8m10.838245091s ago: executing program 3 (id=15327):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r1, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r1, 0x400, 0x2)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@base={0xb, 0x5, 0x2, 0x0, 0xa0d, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000edffffff00"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r5}, &(0x7f0000000a00), &(0x7f0000000400)=r4}, 0x20)
r6 = dup(0xffffffffffffffff)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="2dc3fe8ee7e25869bc"], 0x9)

8m10.415111047s ago: executing program 3 (id=15330):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x5}, 0x18)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

8m10.385770568s ago: executing program 45 (id=15330):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x5}, 0x18)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

7m29.918935905s ago: executing program 6 (id=15862):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000ffffffff000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xfa}, @NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}]}, 0x30}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

7m29.651886679s ago: executing program 6 (id=15865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b0000000700000001000100490000005546fb4bd9208f59477aee84ca1c5dbbd9209818bb98fcdaa197ae13803ffe72c0557191cc1cba65ca7bd4a643a4415604b9503b9586f44b9cec82b2ba7ebadf50d2f3ec6af001c8ce49d66ffe22e31a07dc7bf4b790a2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r3, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064", 0x14}], 0x1}}], 0x1, 0x4004040)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x7, 0x8, 0x5, 0x80}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000000200"], 0x50)
r5 = open(&(0x7f0000000140)='./file0\x00', 0x10f3c0, 0x186)
fgetxattr(r5, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
socket$inet6(0xa, 0x3, 0x4)
socket(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000001100000227bd7000fddbdf2500000000", @ANYRES32=r9, @ANYBLOB="c096e6ff032100000500270005000000"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x80)

7m28.92573535s ago: executing program 6 (id=15878):
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7m28.89124732s ago: executing program 6 (id=15879):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(0x0, &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00')

7m28.814277561s ago: executing program 6 (id=15881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESDEC, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004900000000678af8ff00000000bfa200000000000007020000f8ffffffb7030000080000ffff04000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4004881)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
openat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)={0x60cc0, 0xb, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
unshare(0x26020480)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000002c0000000800000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x5, 0x4, 0x7, 0x0, r5}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff, r6}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
sync()

7m28.19343381s ago: executing program 1 (id=15889):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), &(0x7f00000001c0)=@v2={0x2000000, [{0x0, 0x5}, {0x4, 0x1ff}]}, 0x14, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010067656e6576653000"], 0x110}}, 0x0)

7m28.163826701s ago: executing program 6 (id=15891):
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3a56, &(0x7f0000000200)={0x0, 0x4eb9, 0x2, 0x1, 0x32d}, &(0x7f0000000140), &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002"], 0x80}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@bloom_filter={0x1e, 0x9, 0x0, 0x200, 0x20000, r1, 0xc8e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x1, 0x3}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r1}, 0x18)
syz_emit_ethernet(0x22, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0xc, 0x14, 0x65, 0x0, 0x8, 0x2f, 0x0, @local, @local}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000000)='rpcb_setport\x00', r0, 0x0, 0x1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0}, 0x94)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbff02000000000000000000000000000100004e22"], 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r4, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='dots,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303264382c646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c666c7573682c64656275672c646f74732c73686f77657865632c6e6f646f74732c6572726f72733d636f6e74696e75652c646f74732c71756965742c003fa5bfd3e968f92d300444698c6f8d94d8b46ce3ce652bc8f6"], 0x1, 0x214, &(0x7f0000000a00)="$eJzs3cFuElEUANBLS8tgXHRnYmIyxoWuGvULakxNjCQmNSx010RWsIINsGk/w1/wv/wA0xWbZgzOTEFKKRIBredsuMx9d3iPBwMbLlnkvj34EklSiZ2jOIpRJQ5iJ0rnAQDcJaMsi+9Z7verq+uYEgCwZkt8/l9ueEoAwJp9+Pjp3atG4/gkTZOIi/N+s9/Mb/P8m7eN4+fpTweTqot+v7l7lX+Rzn53GOf34l6Rf5nXp1fp/Yho7sezJ3l+nHv9vpH+Wl+Lz2teOwAAAAAAAAAAAAAAAAAAAAAAbMujSEtz+/scHs7m60U+vzfVH2imf081HpbtgSftgbKzTSwKAAAAAAAAAAAAAAAAAAAA/jG9wbB92um0upOgFhHTR6pzxtwcVIoTLzV4+8FOfbXyerHMqdRllrutvFI8RetdYH3+5i4TRPVv2Z1Vg/RPnbBWbvP1VD0qC8qzbBzMfxeUbTFuLN+PiMUTe3qy6rpG41fo18fd3iCyhYMn14jaxq5GAAAAAAAAAAAAAAAAAADwf5v61fc1ye42ZgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAm9cbDMt/+R+2TzudVrc3GLZPk+LY5Mi84Cwi7t8yptXtlY+1F8l2FgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCd9yMAAP//lJodvA==")
mkdir(&(0x7f0000000100)='./control\x00', 0x0)

7m28.148246731s ago: executing program 46 (id=15891):
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3a56, &(0x7f0000000200)={0x0, 0x4eb9, 0x2, 0x1, 0x32d}, &(0x7f0000000140), &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002"], 0x80}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@bloom_filter={0x1e, 0x9, 0x0, 0x200, 0x20000, r1, 0xc8e, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x1, 0x3}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r1}, 0x18)
syz_emit_ethernet(0x22, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0xc, 0x14, 0x65, 0x0, 0x8, 0x2f, 0x0, @local, @local}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000000)='rpcb_setport\x00', r0, 0x0, 0x1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0}, 0x94)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbff02000000000000000000000000000100004e22"], 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r4, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='dots,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303264382c646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c666c7573682c64656275672c646f74732c73686f77657865632c6e6f646f74732c6572726f72733d636f6e74696e75652c646f74732c71756965742c003fa5bfd3e968f92d300444698c6f8d94d8b46ce3ce652bc8f6"], 0x1, 0x214, &(0x7f0000000a00)="$eJzs3cFuElEUANBLS8tgXHRnYmIyxoWuGvULakxNjCQmNSx010RWsIINsGk/w1/wv/wA0xWbZgzOTEFKKRIBredsuMx9d3iPBwMbLlnkvj34EklSiZ2jOIpRJQ5iJ0rnAQDcJaMsi+9Z7verq+uYEgCwZkt8/l9ueEoAwJp9+Pjp3atG4/gkTZOIi/N+s9/Mb/P8m7eN4+fpTweTqot+v7l7lX+Rzn53GOf34l6Rf5nXp1fp/Yho7sezJ3l+nHv9vpH+Wl+Lz2teOwAAAAAAAAAAAAAAAAAAAAAAbMujSEtz+/scHs7m60U+vzfVH2imf081HpbtgSftgbKzTSwKAAAAAAAAAAAAAAAAAAAA/jG9wbB92um0upOgFhHTR6pzxtwcVIoTLzV4+8FOfbXyerHMqdRllrutvFI8RetdYH3+5i4TRPVv2Z1Vg/RPnbBWbvP1VD0qC8qzbBzMfxeUbTFuLN+PiMUTe3qy6rpG41fo18fd3iCyhYMn14jaxq5GAAAAAAAAAAAAAAAAAADwf5v61fc1ye42ZgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAm9cbDMt/+R+2TzudVrc3GLZPk+LY5Mi84Cwi7t8yptXtlY+1F8l2FgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCd9yMAAP//lJodvA==")
mkdir(&(0x7f0000000100)='./control\x00', 0x0)

7m28.088987382s ago: executing program 1 (id=15895):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, 0xd, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x8805}, 0x40000)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
recvfrom$inet(r6, &(0x7f0000000000)=""/86, 0x56, 0x40002041, &(0x7f0000000080)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102030400fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r1, &(0x7f0000000200)=""/102396, 0x18ffc, 0x1000008080)

7m28.009523773s ago: executing program 1 (id=15897):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}})

7m28.008607993s ago: executing program 1 (id=15898):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', 0x0)

7m27.962268364s ago: executing program 1 (id=15900):
r0 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000c00)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x1, 0x0, 0x2}, {0x0, 0x1fffffffe, 0x40000000007, 0x20000a0de, 0x40000000000004, 0x2, 0x200000003, 0x400}, {0x40000000000005, 0x0, 0x0, 0x5}, 0x4, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x6c}, 0x2, @in6=@private2, 0x3500, 0x1, 0x8, 0x0, 0x9075, 0x0, 0x53f}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x4}}}, 0x1c)

7m27.58043764s ago: executing program 0 (id=15903):
add_key$keyring(0x0, &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="b7556d07aac56d8a1eadafcd53", @ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r0, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f00000002c0), 0x0, 0x34, &(0x7f0000000680), 0x0, 0x10, &(0x7f00000006c0), 0x0, 0x0, 0xa2, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
set_mempolicy(0x3, &(0x7f00000001c0)=0x6, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000840)=ANY=[@ANYBLOB="18050000000000000000000000000005b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7040000080000008500000095000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00'})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="4000000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32], 0x40}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000017c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
setresgid(0x0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f0000000240)={0x0, 0xffe4, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="17090000000000000000010000000500070000000000080009000000001b08000a0000000000060002000100000014001f0000000000000000000100000000000000140020"], 0x64}}, 0x0)
write(r2, &(0x7f0000000bc0)="ebf393cd26618bfbfc0ca849d6507daec39ca3f946451f95a56c613552bbd8dce7a7062dc156328f1932cccd1af51eb05360794c06afda098dd8a78e3d5fe284448aded4d88b9ec047a2d69fe5de616079e36a6b8ade387538d58f3c8cf5120cd710a9ca72268e07630ffa1e12b4dc7960a2bb85fc294518a8934e3e2f3f5743015a6bce32fccdff2a78357efa97f57123a55312c05df7699ea9bc82eaf01085cf8d1c91a356d1a5922cf2dcd63a14e36ac614135dda48ae394b4f63", 0xbc)

7m27.522898451s ago: executing program 1 (id=15904):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r1, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

7m27.522567531s ago: executing program 47 (id=15904):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r1, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

7m27.370842053s ago: executing program 0 (id=15907):
creat(0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
fsmount(0xffffffffffffffff, 0x0, 0x20)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff3}}}, 0x24}}, 0x20040000)

7m27.112883796s ago: executing program 0 (id=15908):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}})

7m27.066383737s ago: executing program 0 (id=15910):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', 0x0)

7m26.972300348s ago: executing program 0 (id=15911):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x24, 0x0, {0xc}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}, 0x1, 0x0, 0x0, 0x40050}, 0x0)

7m26.650764363s ago: executing program 0 (id=15912):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x50)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000280)=0x5, 0x4)
r3 = socket(0x2, 0x2, 0x1)
bind$unix(r3, &(0x7f0000000000)=@abs, 0x6e)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x23, 0x2, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000bc0)='blkio.bfq.empty_time\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000000c0)=r6, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)

7m26.650223763s ago: executing program 48 (id=15912):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x50)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000280)=0x5, 0x4)
r3 = socket(0x2, 0x2, 0x1)
bind$unix(r3, &(0x7f0000000000)=@abs, 0x6e)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x23, 0x2, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000bc0)='blkio.bfq.empty_time\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000000c0)=r6, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)

30.779595815s ago: executing program 4 (id=26879):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r5, 0x2)

29.843053039s ago: executing program 4 (id=26885):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@private1, <r0=>0x0}, &(0x7f0000000080)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x8, '\x00', r0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)

29.334592577s ago: executing program 4 (id=26889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
execve(&(0x7f0000000640)='./file0\x00', &(0x7f0000000ac0)={[&(0x7f0000000680)='net/kcm\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)='/]!\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='GPL\x00', &(0x7f0000000980)='\\\'%\x00', &(0x7f00000009c0)='-:@(]\x00', &(0x7f0000000a00)='\\\'!\x00', &(0x7f0000000a40)='kmem_cache_free\x00', &(0x7f0000000a80)='net/kcm\x00']}, &(0x7f0000001d40)={[&(0x7f0000000b40)=')}\x00', &(0x7f0000000b80)='net/kcm\x00', &(0x7f0000001c00)='!{$*\x00', &(0x7f0000001c40)='$$.:\x00', &(0x7f0000001c80)='^#^\'.[,:)\x00', &(0x7f0000001cc0)='net/kcm\x00', &(0x7f0000001d00)='\x00']})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'wg2\x00'})
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000080)=@unlock_all, 0xb)
r2 = epoll_create1(0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
close(r1)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x0, 0x6}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r4, 0x40047440, &(0x7f0000000340)=0x3)
write$ppp(r4, &(0x7f0000000200)="4176adc3a0", 0x5)
r5 = socket(0x40000000015, 0x5, 0x0)
clock_gettime(0x3, &(0x7f0000002080)={<r6=>0x0, <r7=>0x0})
accept4$tipc(r5, 0x0, &(0x7f0000002200), 0x80800)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r8, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
r9 = accept$packet(r5, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002280)=0x14)
setsockopt$packet_int(r9, 0x107, 0xc, &(0x7f0000001400)=0x3d70, 0x4)
pselect6(0x40, &(0x7f0000001fc0)={0x2, 0x100000001, 0x1, 0x10, 0x5, 0x40, 0x2000000084, 0x1000000}, &(0x7f0000002000)={0xe, 0x0, 0x2, 0x74, 0xfffe, 0x5, 0x1ff, 0x7fffffffffffffff}, &(0x7f0000002040)={0x9, 0x4, 0x8000, 0xfff, 0x32, 0x4, 0x5, 0x1}, &(0x7f00000020c0)={r6, r7+60000000}, &(0x7f0000002140)={&(0x7f0000002180)={[0xdf]}, 0x8})
fsopen(&(0x7f00000022c0)='fusectl\x00', 0x1)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0xa0028000})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r10, 0x0, 0xfffffffffffffffd}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')

29.073759751s ago: executing program 4 (id=26892):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0xe8}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (fail_nth: 3)

28.946541593s ago: executing program 4 (id=26895):
r0 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x10) (async)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0xef, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x8004)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r3, 0x29, 0xf7, 0xf8, 0x2, 0x45, @dev={0xfe, 0x80, '\x00', 0x30}, @local, 0x1, 0x8, 0x8, 0xafa0}}) (async)
getsockopt$inet_opts(r0, 0x0, 0x5, 0x0, &(0x7f0000000ac0))

28.614510587s ago: executing program 4 (id=26898):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

13.54927311s ago: executing program 49 (id=26898):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

5.775381905s ago: executing program 9 (id=27118):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x67, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r4, 0x20, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x181)
write(r7, &(0x7f0000004200)='t', 0x1)
sendfile(r7, r6, 0x0, 0x3ffff)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r7, r6, 0x0, 0x7ffff000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
memfd_create(&(0x7f00000001c0)='basic\x00', 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)

5.153928724s ago: executing program 9 (id=27125):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x3bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, r1, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, r2)
keyctl$KEYCTL_MOVE(0x1e, r1, 0x0, r3, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000009c0)={<r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x242}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f00000001c0)=0x200000000000010)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
signalfd4(r10, &(0x7f0000000000)={[0x5]}, 0x8, 0x80000)
ioctl$sock_inet_udp_SIOCINQ(r6, 0x541b, 0x0)
write(r5, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250401f2800c00180008ac0f00000000001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b05000000bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000380)="4b85999e6d235037f2a99f1336084ec58c40cc111cace6beecdd3aab22a6d72ddf7eb5f49a57f40e085359fd3bc00d5c15835450c3169e2a42f0d573d0477584ee82854a773d00716f1f5f0912e39997d0e2efe8b5baa274a632584b25cd99def42b7438acda004e7ed7dd5e3408f596b50f78a5", 0x74}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

4.75712552s ago: executing program 9 (id=27131):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@private1, <r0=>0x0}, &(0x7f0000000080)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x8, '\x00', r0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mknod$loop(0x0, 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)

4.570806423s ago: executing program 7 (id=27134):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa1000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

4.570411283s ago: executing program 9 (id=27135):
r0 = memfd_create(&(0x7f0000001ac0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\a\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0Fd\x81\xbe\xbf\by\x7f\xd8X?\n\xf8P&!\x9d0F\x8dp\xf9:?1\xe8T\x13\xfb\x89\xac\\\xd4\xa9\xa3\xac\x80\xddd\xed\xb1I\xfcz\x9aQ\x03\xcdO\xdfn^\xb4\x97\xd1\x8a\x17\x8d\xce\xafg\xa2W|v\xc2\x99\x97X\xd7\x8b\x82Z\xa7\xac\xa4\xb1P\x8c\xfd^\xb8=\xd6Q\x8a\xe2\xed\xaaR\xd9\x1a\xd8\x92\xc8\x1b\xe6f\xd6\xb7rp\x8e\xd7I\xd0lN\xbd\x89\xac&)<\x9d\x8b\xcb\x93p\x90a\xef\xd0?\x02\x93\x83\xb9\xe4b\xfc1@\xde\xd8&\xd0\x8f\xa6G\xe0\xc9\xe9Z\xb4PG\xcf\xed\xf5\x94\x89\x9a\x02\xac\x9d\x1b\x9am\x82L\a,;\xcd\x11,\xf9\xe6\xe1\fa\xfe\xdc\xc0A\xc3\xda\x8f$\x87<\xef\xe2\xc2xP\xfc\xd4\xefX\x8doK\x8aa\x98.\x82!\xf9\rS\x04\xd2\xb4I\x1d=\xf9<\xb0?l\xa5\t\xd1j\"\x1e\xe5\xe0\xad\x14\x97\xde\xa3\x97\x9a\x9bp\'\xd4\xbc', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

4.563058252s ago: executing program 9 (id=27136):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4004881)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
openat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)={0x60cc0, 0xb, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
unshare(0x26020480)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000002c0000000800000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x5, 0x4, 0x7, 0x0, r4}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff, r5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
sync()

4.524596523s ago: executing program 7 (id=27137):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
execve(&(0x7f0000000640)='./file0\x00', &(0x7f0000000ac0)={[&(0x7f0000000680)='net/kcm\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)='/]!\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='GPL\x00', &(0x7f0000000980)='\\\'%\x00', &(0x7f00000009c0)='-:@(]\x00', &(0x7f0000000a00)='\\\'!\x00', &(0x7f0000000a40)='kmem_cache_free\x00', &(0x7f0000000a80)='net/kcm\x00']}, &(0x7f0000001d40)={[&(0x7f0000000b40)=')}\x00', &(0x7f0000000b80)='net/kcm\x00', &(0x7f0000001c00)='!{$*\x00', &(0x7f0000001c40)='$$.:\x00', &(0x7f0000001c80)='^#^\'.[,:)\x00', &(0x7f0000001cc0)='net/kcm\x00', &(0x7f0000001d00)='\x00']})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'wg2\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f00)={0x6, 0x4, &(0x7f0000001d80)=ANY=[@ANYBLOB="00a500000000ee0000b8f08000100000009500"/29], &(0x7f0000001dc0)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e40)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001e80)=[{0x2, 0x4, 0xa, 0xc}, {0x4, 0x2, 0xd}, {0x4, 0x2, 0x1, 0xc5b94a25ecb8502c}, {0x4, 0x3, 0xe, 0x7}, {0x1, 0x4, 0xf, 0x6}], 0x10, 0x9}, 0x94)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000080)=@unlock_all, 0xb)
r3 = epoll_create1(0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
close(r1)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x0, 0x6}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r5, 0x40047440, &(0x7f0000000340)=0x3)
write$ppp(r5, &(0x7f0000000200)="4176adc3a0", 0x5)
r6 = socket(0x40000000015, 0x5, 0x0)
clock_gettime(0x3, &(0x7f0000002080)={<r7=>0x0, <r8=>0x0})
accept4$tipc(r6, 0x0, &(0x7f0000002200), 0x80800)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
r10 = accept$packet(r6, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002280)=0x14)
setsockopt$packet_int(r10, 0x107, 0xc, &(0x7f0000001400)=0x3d70, 0x4)
pselect6(0x40, &(0x7f0000001fc0)={0x2, 0x100000001, 0x1, 0x10, 0x5, 0x40, 0x2000000084, 0x1000000}, &(0x7f0000002000)={0xe, 0x0, 0x2, 0x74, 0xfffe, 0x5, 0x1ff, 0x7fffffffffffffff}, &(0x7f0000002040)={0x9, 0x4, 0x8000, 0xfff, 0x32, 0x4, 0x5, 0x1}, &(0x7f00000020c0)={r7, r8+60000000}, &(0x7f0000002140)={&(0x7f0000002180)={[0xdf]}, 0x8})
fsopen(&(0x7f00000022c0)='fusectl\x00', 0x1)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xa0028000})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11, 0x0, 0xfffffffffffffffd}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')

4.268668267s ago: executing program 7 (id=27139):
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000500fa43cf3753117e566f04000000080000800000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r2, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1c3c609a49cc15187", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30e000b4d7e51ffc9a5accbe20844356dd0ce192542d5e58d80657b3b5fb7a3d39337df9305959f", 0x6d}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9", 0x1e5}], 0x1}}], 0x3, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000002240)=""/4096, 0x1000, 0x0, 0x0}, &(0x7f0000000040)=0x40)
sendto$inet(r2, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="00000000000000a53b3de0ffffffff0085000000940000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
time(0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
getsockopt$MRT(r2, 0x0, 0xce, &(0x7f00000001c0), &(0x7f0000000300)=0x4)
sync_file_range(r4, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
connect$netlink(r6, &(0x7f0000000380)=@unspec, 0xc)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x10)

4.203777308s ago: executing program 7 (id=27141):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7fffffff}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0xfffffffd, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000880}, 0x0)

4.05879177s ago: executing program 7 (id=27144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/uts\x00')
ioctl$NS_GET_USERNS(r2, 0xb701, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000180"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
semctl$GETPID(0x0, 0x4, 0xb, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

3.714111555s ago: executing program 7 (id=27145):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYRES16], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

3.578033317s ago: executing program 9 (id=27149):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
unshare(0x22020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYRES16], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x43, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) (fail_nth: 1)

1.464628218s ago: executing program 8 (id=27169):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000700)=',&#^%\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x2004c000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000300)={'gre0\x00', 0x0, 0x10, 0x1, 0x4, 0x5, {{0x5, 0x4, 0x0, 0xd, 0x14, 0x68, 0x8, 0x2, 0x29, 0x0, @empty, @empty}}}})
rt_sigqueueinfo(0x0, 0x6, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080070dd95c233d48fe02db11e76bb21b84a03400000000c2c0000000b0a010100000d0000000000070000000900020073797a31000000000900010073797a300000000014000000"], 0xc0}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x84000)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000340)={0x1d, r7, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000180)=0x1, 0x4)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r8, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{}, {0xffffffff}]})

1.304891521s ago: executing program 8 (id=27171):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x140, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
inotify_init()
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be47e896aecac0bc4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee5b36c71d2c010b089251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc310fbf1760243d51a197d3ecfd74bd625e9f496175513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730000000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000000)={0x2, 0x11, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x851, 0x6, 0x0, 0x0, 0x0, 0x10, 0x100, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair(0x1e, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000003c0))
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x60)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000200081044e81f782db44b90402000000e8fe55a1180015000600142603600e1209000a0000000401a80016000a00114006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee0808856e408e8d8ef52b49816277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970100040000", 0xd8}], 0x1}, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000400000008000700e000000208000200050000000800080000a600"/50], 0x40}}, 0x0)

1.271339491s ago: executing program 2 (id=27172):
unshare(0x62040200)
setreuid(0xffffffffffffffff, 0xee00)
keyctl$session_to_parent(0x12)
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c)

1.135092133s ago: executing program 2 (id=27173):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1.134318643s ago: executing program 8 (id=27174):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
shutdown(r1, 0x1)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={<r4=>r3, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000540)=0x9c)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000003c0)={0xb5, 0x1, 0x5, 0x1, r4}, &(0x7f0000000440)=0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080000000", @ANYRES32=0x0, @ANYRES32], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r9}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='mm_page_free\x00', r10, 0x0, 0xc}, 0x18)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x300, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x4d, 0x0, @wg=@data}}}}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c)
write$selinux_load(r7, &(0x7f0000000000)=ANY=[], 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
r11 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
ioctl$BLKTRACESETUP(r11, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x803fd, 0x1, 0x800})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0x200000000800002}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
unlink(0x0)

1.030168055s ago: executing program 2 (id=27175):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

1.008249785s ago: executing program 8 (id=27176):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

858.885327ms ago: executing program 2 (id=27177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

767.549938ms ago: executing program 2 (id=27179):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000700)=',&#^%\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x2004c000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000300)={'gre0\x00', 0x0, 0x10, 0x1, 0x4, 0x5, {{0x5, 0x4, 0x0, 0xd, 0x14, 0x68, 0x8, 0x2, 0x29, 0x0, @empty, @empty}}}})
rt_sigqueueinfo(0x0, 0x6, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080070dd95c233d48fe02db11e76bb21b84a03400000000c2c0000000b0a010100000d0000000000070000000900020073797a31000000000900010073797a300000000014000000"], 0xc0}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x84000)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000340)={0x1d, r7, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r8, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{}, {0xffffffff}]})

662.15551ms ago: executing program 5 (id=27180):
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
ioctl$RNDADDENTROPY(r3, 0x40085203, &(0x7f000000fec0)=ANY=[@ANYBLOB="04000000000010"])
fchmodat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x83)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6(0xa, 0x2, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000180)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r7, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100"], 0x3c}}, 0x4000010)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000380)=0x7ffd)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
ioctl$PPPIOCSPASS(r8, 0x40107447, &(0x7f0000000180)={0x20, 0x0})
sendmmsg$inet(r5, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x72, '\x00', r7, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r11}, 0x10)
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
syz_open_pts(r12, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x48)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[], 0xfe44, 0x0)

631.105351ms ago: executing program 2 (id=27181):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

549.444132ms ago: executing program 5 (id=27182):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8041, 0x0)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x7)
r2 = memfd_secret(0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f00000010c0)=0x1006)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=0x0, @ANYRES64=r2, @ANYBLOB="c16936dfa3e6acdaebf4a3c49e8565c7b2f06daf657eb2715e4ba2988f16650283e2c833581e933e10121f0fdb500477f8a71c99192a445cd7da48d5c887a46d63232ce866c0b45648744a7a280c623ac6b9059afb3af8dbdd0cb1a97ae58d1e1c9966a7ce7b27086e3347ff4de2bc6ae96f7b3276e0", @ANYRES32=r2], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x4}, 0x18)
r5 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, &(0x7f0000000080))

524.260842ms ago: executing program 5 (id=27183):
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c000000100005fff5ff00e1ffffffffffffff4a8f6fbc4e78323d9140400c96623d03d06c5b216c", @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800050000000000"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x4008000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b0400000000000040000200000038000480200001800a00010071756f7461000400100002800c000140000000000000008314000180090001007866726d00000000040002800900010073797a30000000000900020073797a32"], 0x8c}}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000010000000700"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = syz_open_dev$evdev(&(0x7f00000002c0), 0x1, 0x40)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000400)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1}, 0x48)

334.810225ms ago: executing program 5 (id=27184):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x48, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), 0x0}, 0x20) (async)
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
listen(r2, 0x3) (async)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c027a15a8c40001"], 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x7ffff088)
sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, 0x0, 0x400c800) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)

214.944127ms ago: executing program 5 (id=27185):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000"], 0x0}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

136.526438ms ago: executing program 5 (id=27186):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r3, 0x2)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)

132.499608ms ago: executing program 8 (id=27187):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

0s ago: executing program 8 (id=27188):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x67, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r4, 0x20, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x181)
write(r7, &(0x7f0000004200)='t', 0x1)
sendfile(r7, r6, 0x0, 0x3ffff)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r7, r6, 0x0, 0x7ffff000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)

kernel console output (not intermixed with test programs):

ta tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1471.437789][T25056] EXT4-fs (loop8): mount failed
[ 1471.474037][T25071] loop4: detected capacity change from 0 to 512
[ 1471.482815][T25071] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1471.515153][T25071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1471.531590][T25071] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1471.545845][T25071] futex_wake_op: syz.4.26467 tries to shift op by -1; fix this program
[ 1471.607613][T24260] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1471.799512][T25092] loop4: detected capacity change from 0 to 128
[ 1472.193834][T25103] netlink: 28 bytes leftover after parsing attributes in process `syz.7.26477'.
[ 1472.394495][T25127] netlink: 'syz.9.26481': attribute type 8 has an invalid length.
[ 1472.414688][T25127] loop9: detected capacity change from 0 to 512
[ 1472.452556][T25127] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1472.475826][T25127] EXT4-fs (loop9): mount failed
[ 1472.614224][T25153] 9pnet_fd: Insufficient options for proto=fd
[ 1472.674621][T25159] netlink: 'syz.8.26489': attribute type 8 has an invalid length.
[ 1472.695582][T25159] loop8: detected capacity change from 0 to 512
[ 1472.731373][T25167] loop4: detected capacity change from 0 to 128
[ 1472.770193][T25159] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1472.858673][T25159] EXT4-fs (loop8): mount failed
[ 1473.394236][   T29] kauditd_printk_skb: 1477 callbacks suppressed
[ 1473.394251][   T29] audit: type=1326 audit(2000000910.827:121619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1473.424647][   T29] audit: type=1326 audit(2000000910.827:121620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1473.448524][   T29] audit: type=1326 audit(2000000910.827:121621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1473.485893][   T29] audit: type=1326 audit(2000000910.917:121622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1473.510243][   T29] audit: type=1326 audit(2000000910.917:121623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1473.534042][   T29] audit: type=1326 audit(2000000910.917:121624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1473.558184][   T29] audit: type=1326 audit(2000000910.917:121625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1473.582268][   T29] audit: type=1326 audit(2000000910.917:121626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1473.606241][   T29] audit: type=1326 audit(2000000910.917:121627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1473.636103][   T29] audit: type=1326 audit(2000000910.978:121628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25158 comm="syz.8.26489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1473.713406][T25208] netlink: 'syz.7.26502': attribute type 8 has an invalid length.
[ 1473.745285][T25208] loop7: detected capacity change from 0 to 512
[ 1473.781203][T25208] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1473.812377][T25208] EXT4-fs (loop7): mount failed
[ 1473.827996][T25214] loop9: detected capacity change from 0 to 128
[ 1473.961873][T25240] 9pnet_fd: Insufficient options for proto=fd
[ 1473.968543][T15333] bio_check_eod: 332 callbacks suppressed
[ 1473.968560][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1473.968560][T15333] loop9: rw=1, sector=129, nr_sectors = 8 limit=128
[ 1474.025131][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.025131][T15333] loop9: rw=1, sector=145, nr_sectors = 8 limit=128
[ 1474.046358][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.046358][T15333] loop9: rw=1, sector=161, nr_sectors = 8 limit=128
[ 1474.064649][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.064649][T15333] loop9: rw=1, sector=177, nr_sectors = 8 limit=128
[ 1474.105359][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.105359][T15333] loop9: rw=1, sector=193, nr_sectors = 8 limit=128
[ 1474.126102][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.126102][T15333] loop9: rw=1, sector=209, nr_sectors = 8 limit=128
[ 1474.143277][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.143277][T15333] loop9: rw=1, sector=225, nr_sectors = 8 limit=128
[ 1474.159954][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.159954][T15333] loop9: rw=1, sector=241, nr_sectors = 8 limit=128
[ 1474.173744][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.173744][T15333] loop9: rw=1, sector=257, nr_sectors = 8 limit=128
[ 1474.194211][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1474.194211][T15333] loop9: rw=1, sector=273, nr_sectors = 8 limit=128
[ 1474.516311][T25256] netlink: 'syz.9.26511': attribute type 8 has an invalid length.
[ 1474.576424][T25258] loop9: detected capacity change from 0 to 512
[ 1474.679099][T25258] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1474.700803][T25258] EXT4-fs (loop9): mount failed
[ 1475.529150][T25299] netlink: 'syz.9.26524': attribute type 8 has an invalid length.
[ 1475.562310][T25299] loop9: detected capacity change from 0 to 512
[ 1475.654504][T25299] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1475.669955][T25299] EXT4-fs (loop9): mount failed
[ 1475.813663][T25315] loop4: detected capacity change from 0 to 128
[ 1476.312738][T25339] netlink: 'syz.2.26535': attribute type 8 has an invalid length.
[ 1476.350099][T25339] loop2: detected capacity change from 0 to 512
[ 1476.428648][T25339] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1476.452972][T25339] EXT4-fs (loop2): mount failed
[ 1476.485935][T25353] loop9: detected capacity change from 0 to 512
[ 1476.495594][T25353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1476.885156][T25353] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1476.910810][T25353] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1477.032165][T25353] futex_wake_op: syz.9.26538 tries to shift op by -1; fix this program
[ 1477.088414][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1477.418959][T25375] loop2: detected capacity change from 0 to 128
[ 1477.473994][T25389] netlink: 'syz.7.26548': attribute type 8 has an invalid length.
[ 1477.503034][T25389] loop7: detected capacity change from 0 to 512
[ 1477.528072][T25389] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1477.547882][T25389] EXT4-fs (loop7): mount failed
[ 1477.632482][T25401] 9pnet_fd: Insufficient options for proto=fd
[ 1477.698431][T25410] loop9: detected capacity change from 0 to 512
[ 1477.708652][T25410] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1477.823596][T25410] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1477.859275][T25410] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1477.881301][T25417] vxcan1 speed is unknown, defaulting to 1000
[ 1478.304934][T25410] futex_wake_op: syz.9.26551 tries to shift op by -1; fix this program
[ 1478.387945][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1478.397080][   T29] kauditd_printk_skb: 1694 callbacks suppressed
[ 1478.397094][   T29] audit: type=1326 audit(2000000915.820:123318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25447 comm="syz.4.26557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1478.427395][   T29] audit: type=1326 audit(2000000915.820:123319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25447 comm="syz.4.26557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1478.451541][   T29] audit: type=1326 audit(2000000915.820:123320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25447 comm="syz.4.26557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1478.475435][   T29] audit: type=1326 audit(2000000915.820:123321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25447 comm="syz.4.26557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1478.499574][   T29] audit: type=1326 audit(2000000915.820:123322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25447 comm="syz.4.26557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1478.589592][   T29] audit: type=1326 audit(2000000916.020:123323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25459 comm="syz.8.26561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1478.613541][   T29] audit: type=1326 audit(2000000916.020:123324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25459 comm="syz.8.26561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1478.655749][T25465] loop2: detected capacity change from 0 to 128
[ 1478.664643][T25460] netlink: 'syz.8.26561': attribute type 8 has an invalid length.
[ 1478.677639][   T29] audit: type=1326 audit(2000000916.050:123325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25459 comm="syz.8.26561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1478.701546][   T29] audit: type=1326 audit(2000000916.050:123326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25459 comm="syz.8.26561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1478.725548][   T29] audit: type=1326 audit(2000000916.050:123327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25459 comm="syz.8.26561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1478.752296][T25460] loop8: detected capacity change from 0 to 512
[ 1478.786149][T25460] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1478.801532][T25460] EXT4-fs (loop8): mount failed
[ 1478.950441][T25491] 9pnet_fd: Insufficient options for proto=fd
[ 1479.831509][T25529] netlink: 'syz.7.26575': attribute type 8 has an invalid length.
[ 1479.869289][T25528] loop7: detected capacity change from 0 to 512
[ 1479.934734][T25528] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1479.952329][T25528] EXT4-fs (loop7): mount failed
[ 1480.162161][T25529] 9pnet_fd: Insufficient options for proto=fd
[ 1480.289615][T25552] netlink: 'syz.4.26580': attribute type 8 has an invalid length.
[ 1480.312662][T25552] loop4: detected capacity change from 0 to 512
[ 1480.327660][T25552] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1480.345017][T25552] EXT4-fs (loop4): mount failed
[ 1480.588626][T25572] loop2: detected capacity change from 0 to 512
[ 1480.677648][T25572] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1480.708562][T25572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1480.725274][T25572] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1480.803736][T25572] futex_wake_op: syz.2.26586 tries to shift op by -1; fix this program
[ 1481.166466][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1481.219923][T25592] netlink: 'syz.2.26592': attribute type 8 has an invalid length.
[ 1481.242792][T25592] loop2: detected capacity change from 0 to 512
[ 1481.267709][T25592] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1481.283330][T25592] EXT4-fs (loop2): mount failed
[ 1481.501801][T25611] loop9: detected capacity change from 0 to 128
[ 1481.635642][   T66] bio_check_eod: 446 callbacks suppressed
[ 1481.635656][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.635656][   T66] loop9: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1481.688767][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.688767][   T66] loop9: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1481.706557][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.706557][   T66] loop9: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1481.720754][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.720754][   T66] loop9: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1481.736002][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.736002][   T66] loop9: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1481.750137][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.750137][   T66] loop9: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1481.765467][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.765467][   T66] loop9: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1481.779390][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.779390][   T66] loop9: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1481.793192][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.793192][   T66] loop9: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1481.824366][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1481.824366][   T66] loop9: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1482.052486][T25637] vxcan1 speed is unknown, defaulting to 1000
[ 1482.798486][T25672] netlink: 'syz.8.26609': attribute type 8 has an invalid length.
[ 1482.890977][T25672] loop8: detected capacity change from 0 to 512
[ 1482.948461][T25672] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1482.983697][T25672] EXT4-fs (loop8): mount failed
[ 1483.094362][T25693] 9pnet_fd: Insufficient options for proto=fd
[ 1483.452602][   T29] kauditd_printk_skb: 1091 callbacks suppressed
[ 1483.452621][   T29] audit: type=1326 audit(2000000920.852:124414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1483.482908][   T29] audit: type=1326 audit(2000000920.852:124415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1483.506776][   T29] audit: type=1326 audit(2000000920.852:124416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1483.530874][   T29] audit: type=1326 audit(2000000920.852:124417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1483.554862][   T29] audit: type=1326 audit(2000000920.852:124418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1483.578553][   T29] audit: type=1326 audit(2000000920.852:124419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1483.602231][   T29] audit: type=1326 audit(2000000920.862:124420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1483.625920][   T29] audit: type=1326 audit(2000000920.862:124421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1483.649686][   T29] audit: type=1326 audit(2000000920.862:124422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1483.673424][   T29] audit: type=1326 audit(2000000920.872:124423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25671 comm="syz.8.26609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1483.790811][T25710] netlink: 'syz.9.26617': attribute type 8 has an invalid length.
[ 1483.805397][T25709] netlink: 'syz.8.26618': attribute type 8 has an invalid length.
[ 1483.826990][T25707] loop9: detected capacity change from 0 to 512
[ 1483.847366][T25709] loop8: detected capacity change from 0 to 512
[ 1483.868779][T25707] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1483.898016][T25707] EXT4-fs (loop9): mount failed
[ 1483.907015][T25709] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1483.941293][T25709] EXT4-fs (loop8): mount failed
[ 1484.105161][T25735] 9pnet_fd: Insufficient options for proto=fd
[ 1484.171678][T25744] vxcan1 speed is unknown, defaulting to 1000
[ 1484.997480][T25804] netlink: 'syz.8.26637': attribute type 8 has an invalid length.
[ 1485.017312][T25804] loop8: detected capacity change from 0 to 512
[ 1485.042703][T25804] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1485.088198][T25804] EXT4-fs (loop8): mount failed
[ 1485.222140][T25819] 9pnet_fd: Insufficient options for proto=fd
[ 1485.275434][T25828] netlink: 'syz.7.26644': attribute type 8 has an invalid length.
[ 1485.324182][T25828] loop7: detected capacity change from 0 to 512
[ 1485.344577][T25828] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1485.370865][T25828] EXT4-fs (loop7): mount failed
[ 1486.262205][T25870] loop8: detected capacity change from 0 to 128
[ 1486.421209][T25875] loop2: detected capacity change from 0 to 4096
[ 1486.444942][T25875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1486.496611][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1486.567949][T25894] netlink: 'syz.7.26667': attribute type 8 has an invalid length.
[ 1486.590618][T25894] loop7: detected capacity change from 0 to 512
[ 1486.618721][T25894] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1486.647896][T25894] EXT4-fs (loop7): mount failed
[ 1486.946072][T25930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26678'.
[ 1487.007833][T25938] loop4: detected capacity change from 0 to 128
[ 1487.128494][T23557] bio_check_eod: 218 callbacks suppressed
[ 1487.128511][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.128511][T23557] loop4: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1487.131692][T25948] netlink: 'syz.2.26683': attribute type 8 has an invalid length.
[ 1487.165829][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.165829][T23557] loop4: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1487.195933][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.195933][T23557] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1487.196016][T25950] loop2: detected capacity change from 0 to 512
[ 1487.209888][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.209888][T23557] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1487.230057][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.230057][T23557] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1487.243885][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.243885][T23557] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1487.258144][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.258144][T23557] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1487.272285][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.272285][T23557] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1487.286489][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.286489][T23557] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1487.300486][T23557] kworker/u8:73: attempt to access beyond end of device
[ 1487.300486][T23557] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1487.303991][T25950] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1487.333924][T25950] EXT4-fs (loop2): mount failed
[ 1487.435875][T25950] 9pnet_fd: Insufficient options for proto=fd
[ 1487.617702][T25975] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26691'.
[ 1487.973970][T25992] loop7: detected capacity change from 0 to 128
[ 1488.158832][T26007] netlink: 'syz.9.26699': attribute type 8 has an invalid length.
[ 1488.180010][T26001] loop9: detected capacity change from 0 to 512
[ 1488.204263][T26001] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1488.264000][T26001] EXT4-fs (loop9): mount failed
[ 1488.307992][T26027] netlink: 4 bytes leftover after parsing attributes in process `syz.8.26703'.
[ 1488.456663][T26035] netlink: 'syz.4.26708': attribute type 8 has an invalid length.
[ 1488.498818][   T29] kauditd_printk_skb: 1671 callbacks suppressed
[ 1488.498836][   T29] audit: type=1326 audit(2000000925.935:126088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1488.532295][   T29] audit: type=1326 audit(2000000925.975:126089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1488.556038][   T29] audit: type=1326 audit(2000000925.975:126090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1488.580094][   T29] audit: type=1326 audit(2000000925.975:126091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1488.608260][   T29] audit: type=1326 audit(2000000926.025:126092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb4d693e929 code=0x7ffc0000
[ 1488.632103][   T29] audit: type=1326 audit(2000000926.025:126093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb4d693e963 code=0x7ffc0000
[ 1488.632606][T26035] loop4: detected capacity change from 0 to 512
[ 1488.655775][   T29] audit: type=1326 audit(2000000926.025:126094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb4d693d3df code=0x7ffc0000
[ 1488.655810][   T29] audit: type=1326 audit(2000000926.025:126095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb4d693e9b7 code=0x7ffc0000
[ 1488.658901][   T29] audit: type=1326 audit(2000000926.075:126096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb4d693d290 code=0x7ffc0000
[ 1488.733877][   T29] audit: type=1326 audit(2000000926.075:126097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26034 comm="syz.4.26708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb4d693e52b code=0x7ffc0000
[ 1488.766851][T26035] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1488.818881][T26035] EXT4-fs (loop4): mount failed
[ 1488.921536][T26049] 9pnet_fd: Insufficient options for proto=fd
[ 1488.942178][T26052] loop8: detected capacity change from 0 to 128
[ 1489.824795][T26095] loop4: detected capacity change from 0 to 128
[ 1489.825212][T26094] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1489.825212][T26094]    program syz.7.26725 not setting count and/or reply_len properly
[ 1490.630021][T26131] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1490.630021][T26131]    program syz.9.26737 not setting count and/or reply_len properly
[ 1491.339132][T26154] loop8: detected capacity change from 0 to 128
[ 1491.941672][T26181] netlink: 'syz.2.26752': attribute type 8 has an invalid length.
[ 1491.964895][T26181] loop2: detected capacity change from 0 to 512
[ 1491.992143][T26181] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1492.007409][T26181] EXT4-fs (loop2): mount failed
[ 1492.594721][T26246] netlink: 12 bytes leftover after parsing attributes in process `syz.8.26772'.
[ 1492.812393][T26264] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1492.812393][T26264]    program syz.2.26777 not setting count and/or reply_len properly
[ 1493.425192][T26303] netlink: 'syz.7.26788': attribute type 8 has an invalid length.
[ 1493.444865][T26303] loop7: detected capacity change from 0 to 512
[ 1493.455025][T26307] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1493.455025][T26307]    program syz.9.26789 not setting count and/or reply_len properly
[ 1493.478188][T26303] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1493.499519][T26303] EXT4-fs (loop7): mount failed
[ 1493.505738][   T29] kauditd_printk_skb: 639 callbacks suppressed
[ 1493.505756][   T29] audit: type=1326 audit(2000000930.948:126734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f93c274d290 code=0x7ffc0000
[ 1493.536571][   T29] audit: type=1326 audit(2000000930.948:126735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f93c274e52b code=0x7ffc0000
[ 1493.560420][   T29] audit: type=1326 audit(2000000930.948:126736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f93c274d58a code=0x7ffc0000
[ 1493.584387][   T29] audit: type=1326 audit(2000000930.948:126737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.608343][   T29] audit: type=1326 audit(2000000930.948:126738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.633844][   T29] audit: type=1326 audit(2000000931.058:126739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.657636][   T29] audit: type=1326 audit(2000000931.058:126740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.681527][   T29] audit: type=1326 audit(2000000931.058:126741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.705387][   T29] audit: type=1326 audit(2000000931.058:126742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.729255][   T29] audit: type=1326 audit(2000000931.058:126743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26302 comm="syz.7.26788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1493.849519][T26318] loop9: detected capacity change from 0 to 128
[ 1493.972770][T23559] bio_check_eod: 560 callbacks suppressed
[ 1493.972786][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1493.972786][T23559] loop9: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1494.016312][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.016312][T23559] loop9: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1494.074699][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.074699][T23559] loop9: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1494.089207][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.089207][T23559] loop9: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1494.103362][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.103362][T23559] loop9: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1494.118154][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.118154][T23559] loop9: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1494.132351][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.132351][T23559] loop9: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1494.146612][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.146612][T23559] loop9: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1494.176080][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.176080][T23559] loop9: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1494.191721][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1494.191721][T23559] loop9: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1495.153017][T26371] vxcan1 speed is unknown, defaulting to 1000
[ 1496.366780][T26433] netlink: 'syz.9.26821': attribute type 8 has an invalid length.
[ 1496.398663][T26433] loop9: detected capacity change from 0 to 512
[ 1496.438413][T26433] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1496.462517][T26433] EXT4-fs (loop9): mount failed
[ 1497.261023][T26455] 9pnet_fd: Insufficient options for proto=fd
[ 1497.849219][T26482] netlink: 'syz.7.26831': attribute type 8 has an invalid length.
[ 1497.924279][T26483] loop7: detected capacity change from 0 to 512
[ 1497.990239][T26488] FAULT_INJECTION: forcing a failure.
[ 1497.990239][T26488] name failslab, interval 1, probability 0, space 0, times 0
[ 1498.003006][T26488] CPU: 1 UID: 0 PID: 26488 Comm: syz.4.26832 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1498.003044][T26488] Tainted: [W]=WARN
[ 1498.003052][T26488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1498.003067][T26488] Call Trace:
[ 1498.003074][T26488]  <TASK>
[ 1498.003083][T26488]  __dump_stack+0x1d/0x30
[ 1498.003108][T26488]  dump_stack_lvl+0xe8/0x140
[ 1498.003191][T26488]  dump_stack+0x15/0x1b
[ 1498.003210][T26488]  should_fail_ex+0x265/0x280
[ 1498.003243][T26488]  should_failslab+0x8c/0xb0
[ 1498.003267][T26488]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[ 1498.003341][T26488]  ? sidtab_sid2str_get+0xa0/0x130
[ 1498.003375][T26488]  kmemdup_noprof+0x2b/0x70
[ 1498.003399][T26488]  sidtab_sid2str_get+0xa0/0x130
[ 1498.003432][T26488]  security_sid_to_context_core+0x1eb/0x2e0
[ 1498.003463][T26488]  security_sid_to_context+0x27/0x40
[ 1498.003486][T26488]  selinux_lsmprop_to_secctx+0x67/0xf0
[ 1498.003511][T26488]  security_lsmprop_to_secctx+0x43/0x80
[ 1498.003579][T26488]  audit_log_task_context+0x77/0x190
[ 1498.003619][T26488]  audit_log_task+0xf4/0x250
[ 1498.003651][T26488]  audit_seccomp+0x61/0x100
[ 1498.003678][T26488]  ? __seccomp_filter+0x68c/0x10d0
[ 1498.003702][T26488]  __seccomp_filter+0x69d/0x10d0
[ 1498.003759][T26488]  ? mas_walk+0xf2/0x120
[ 1498.003795][T26488]  __secure_computing+0x82/0x150
[ 1498.003864][T26488]  syscall_trace_enter+0xcf/0x1e0
[ 1498.003890][T26488]  do_syscall_64+0xac/0x200
[ 1498.003924][T26488]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1498.003951][T26488]  ? clear_bhb_loop+0x40/0x90
[ 1498.004002][T26488]  ? clear_bhb_loop+0x40/0x90
[ 1498.004156][T26488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1498.004251][T26488] RIP: 0033:0x7fb4d694087a
[ 1498.004270][T26488] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1498.004292][T26488] RSP: 002b:00007fb4d4fa6f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1498.004350][T26488] RAX: ffffffffffffffda RBX: 00007fb4d6b65f00 RCX: 00007fb4d694087a
[ 1498.004375][T26488] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 1498.004455][T26488] RBP: 00007fb4d4fa7090 R08: 0000000000000000 R09: 0000000000000000
[ 1498.004517][T26488] R10: 00007fb4d4fa6f98 R11: 0000000000000246 R12: 0000000000000001
[ 1498.004531][T26488] R13: 0000000000000000 R14: 00007fb4d6b65fa0 R15: 00007ffd66b1ba78
[ 1498.004551][T26488]  </TASK>
[ 1498.268832][T26488] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1498.275393][T26488] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1498.283006][T26488] vhci_hcd vhci_hcd.0: Device attached
[ 1498.293069][T26491] vhci_hcd: connection closed
[ 1498.293944][T26483] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1498.316089][T26483] EXT4-fs (loop7): mount failed
[ 1498.324256][T26495] loop9: detected capacity change from 0 to 128
[ 1498.338204][ T4712] vhci_hcd: stop threads
[ 1498.342508][ T4712] vhci_hcd: release socket
[ 1498.347007][ T4712] vhci_hcd: disconnect device
[ 1498.429028][T26483] 9pnet_fd: Insufficient options for proto=fd
[ 1498.436442][T26503] netlink: 28 bytes leftover after parsing attributes in process `syz.2.26835'.
[ 1498.496107][T15327] tipc: Disabling bearer <udp:syz2>
[ 1498.501431][T15327] tipc: Left network mode
[ 1498.506294][   T29] kauditd_printk_skb: 621 callbacks suppressed
[ 1498.506310][   T29] audit: type=1326 audit(2000000935.950:127362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93c27458e7 code=0x7ffc0000
[ 1498.536268][   T29] audit: type=1326 audit(2000000935.950:127363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f93c26eab19 code=0x7ffc0000
[ 1498.560432][   T29] audit: type=1326 audit(2000000935.950:127364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1498.589874][   T29] audit: type=1326 audit(2000000935.980:127365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93c27458e7 code=0x7ffc0000
[ 1498.613720][   T29] audit: type=1326 audit(2000000935.980:127366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f93c26eab19 code=0x7ffc0000
[ 1498.637766][   T29] audit: type=1326 audit(2000000935.980:127367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1498.661565][   T29] audit: type=1326 audit(2000000935.980:127368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93c27458e7 code=0x7ffc0000
[ 1498.685585][   T29] audit: type=1326 audit(2000000935.980:127369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f93c26eab19 code=0x7ffc0000
[ 1498.709501][   T29] audit: type=1326 audit(2000000935.980:127370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1498.733219][   T29] audit: type=1326 audit(2000000935.980:127371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26481 comm="syz.7.26831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f93c27458e7 code=0x7ffc0000
[ 1498.759228][T15327] hsr_slave_0: left promiscuous mode
[ 1498.767617][T15327] hsr_slave_1: left promiscuous mode
[ 1498.817746][T26517] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1498.817746][T26517]    program syz.2.26836 not setting count and/or reply_len properly
[ 1498.897867][ T4712] smc: removing ib device syz2
[ 1498.947308][T26531] loop4: detected capacity change from 0 to 128
[ 1498.975303][T26532] netlink: 'syz.7.26840': attribute type 8 has an invalid length.
[ 1499.030366][T26526] loop7: detected capacity change from 0 to 512
[ 1499.217103][T23559] bio_check_eod: 218 callbacks suppressed
[ 1499.217122][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.217122][T23559] loop4: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1499.299475][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.299475][T23559] loop4: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1499.463237][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.463237][T23559] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1499.476804][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.476804][T23559] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1499.509071][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.509071][T23559] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1499.527667][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.527667][T23559] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1499.543551][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.543551][T23559] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1499.560246][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.560246][T23559] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1499.579153][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.579153][T23559] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1499.592919][T23559] kworker/u8:75: attempt to access beyond end of device
[ 1499.592919][T23559] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1499.593891][T26526] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1499.627486][T26526] EXT4-fs (loop7): mount failed
[ 1499.647349][T15327] IPVS: stop unused estimator thread 0...
[ 1499.734281][T26565] netlink: 28 bytes leftover after parsing attributes in process `syz.9.26846'.
[ 1499.751686][T26532] 9pnet_fd: Insufficient options for proto=fd
[ 1499.816900][T26578] netlink: 'syz.4.26848': attribute type 8 has an invalid length.
[ 1499.818944][T26582] FAULT_INJECTION: forcing a failure.
[ 1499.818944][T26582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1499.838410][T26582] CPU: 0 UID: 0 PID: 26582 Comm: syz.9.26849 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1499.838456][T26582] Tainted: [W]=WARN
[ 1499.838464][T26582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1499.838478][T26582] Call Trace:
[ 1499.838483][T26582]  <TASK>
[ 1499.838490][T26582]  __dump_stack+0x1d/0x30
[ 1499.838511][T26582]  dump_stack_lvl+0xe8/0x140
[ 1499.838569][T26582]  dump_stack+0x15/0x1b
[ 1499.838680][T26578] loop4: detected capacity change from 0 to 512
[ 1499.838728][T26582]  should_fail_ex+0x265/0x280
[ 1499.838761][T26582]  should_fail+0xb/0x20
[ 1499.838800][T26582]  should_fail_usercopy+0x1a/0x20
[ 1499.838845][T26582]  _copy_to_user+0x20/0xa0
[ 1499.838887][T26582]  simple_read_from_buffer+0xb5/0x130
[ 1499.838931][T26582]  proc_fail_nth_read+0x100/0x140
[ 1499.838979][T26582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1499.839114][T26582]  vfs_read+0x1a0/0x6f0
[ 1499.839153][T26582]  ? mntput_no_expire+0x6f/0x3c0
[ 1499.839193][T26582]  ? mntput+0x4b/0x80
[ 1499.839236][T26582]  ? xfd_validate_state+0x45/0xf0
[ 1499.839383][T26582]  ksys_read+0xda/0x1a0
[ 1499.839490][T26582]  __x64_sys_read+0x40/0x50
[ 1499.839533][T26582]  x64_sys_call+0x2d77/0x2fb0
[ 1499.839562][T26582]  do_syscall_64+0xd2/0x200
[ 1499.839659][T26582]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1499.839696][T26582]  ? clear_bhb_loop+0x40/0x90
[ 1499.839726][T26582]  ? clear_bhb_loop+0x40/0x90
[ 1499.839799][T26582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1499.839950][T26582] RIP: 0033:0x7f9093b2d33c
[ 1499.839971][T26582] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1499.840041][T26582] RSP: 002b:00007f9092197030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1499.840089][T26582] RAX: ffffffffffffffda RBX: 00007f9093d55fa0 RCX: 00007f9093b2d33c
[ 1499.840107][T26582] RDX: 000000000000000f RSI: 00007f90921970a0 RDI: 0000000000000007
[ 1499.840124][T26582] RBP: 00007f9092197090 R08: 0000000000000000 R09: 0000000000000000
[ 1499.840142][T26582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1499.840203][T26582] R13: 0000000000000000 R14: 00007f9093d55fa0 R15: 00007fff88dbe898
[ 1499.840230][T26582]  </TASK>
[ 1500.067952][T26578] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1500.083059][T26578] EXT4-fs (loop4): mount failed
[ 1500.088786][T26589] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1500.088786][T26589]    program syz.9.26850 not setting count and/or reply_len properly
[ 1500.163553][T26599] tipc: Started in network mode
[ 1500.168580][T26599] tipc: Node identity b2a934620653, cluster identity 4711
[ 1500.175921][T26599] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1500.182809][T26600] syzkaller0: entered promiscuous mode
[ 1500.188595][T26600] syzkaller0: entered allmulticast mode
[ 1500.197783][T26599] tipc: Resetting bearer <eth:syzkaller0>
[ 1500.204382][T26598] tipc: Resetting bearer <eth:syzkaller0>
[ 1500.211451][T26598] tipc: Disabling bearer <eth:syzkaller0>
[ 1500.222717][T26604] 9pnet_fd: Insufficient options for proto=fd
[ 1500.269330][T26610] netlink: 'syz.7.26855': attribute type 8 has an invalid length.
[ 1500.285169][T26610] loop7: detected capacity change from 0 to 512
[ 1500.295460][T26610] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1500.312107][T26610] EXT4-fs (loop7): mount failed
[ 1500.436289][T26631] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1500.452847][T26631] loop8: detected capacity change from 0 to 1024
[ 1500.459778][T26631] EXT4-fs: Ignoring removed orlov option
[ 1500.467861][T26631] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1500.686778][T26640] bridge0: entered promiscuous mode
[ 1500.736335][T26640] macsec1: entered promiscuous mode
[ 1500.798908][T26640] bridge0: port 3(macsec1) entered blocking state
[ 1500.805657][T26640] bridge0: port 3(macsec1) entered disabled state
[ 1500.927671][T26640] macsec1: entered allmulticast mode
[ 1500.933044][T26640] bridge0: entered allmulticast mode
[ 1500.947584][T26640] macsec1: left allmulticast mode
[ 1500.952727][T26640] bridge0: left allmulticast mode
[ 1500.959041][T26640] bridge0: left promiscuous mode
[ 1500.978568][T26651] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1500.978568][T26651]    program syz.4.26864 not setting count and/or reply_len properly
[ 1501.042728][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1501.124179][T26659] netlink: 28 bytes leftover after parsing attributes in process `syz.8.26865'.
[ 1501.260926][T26669] netlink: 'syz.4.26879': attribute type 8 has an invalid length.
[ 1501.287851][T26669] loop4: detected capacity change from 0 to 512
[ 1501.315055][T26669] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1501.332308][T26669] EXT4-fs (loop4): mount failed
[ 1501.549496][T26703] loop8: detected capacity change from 0 to 8192
[ 1501.599145][T26708] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1501.599145][T26708]    program syz.8.26878 not setting count and/or reply_len properly
[ 1501.728319][T26713] netlink: 28 bytes leftover after parsing attributes in process `syz.8.26882'.
[ 1502.789549][T26752] loop2: detected capacity change from 0 to 8192
[ 1502.897478][T26766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.26892'.
[ 1502.955707][T26770] vlan2: entered allmulticast mode
[ 1503.530336][   T29] kauditd_printk_skb: 1027 callbacks suppressed
[ 1503.530352][   T29] audit: type=1326 audit(2000000940.973:128395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.560657][   T29] audit: type=1326 audit(2000000940.973:128396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.643278][   T29] audit: type=1326 audit(2000000940.973:128397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.667136][   T29] audit: type=1326 audit(2000000940.973:128398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.690943][   T29] audit: type=1326 audit(2000000940.973:128399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.714770][   T29] audit: type=1326 audit(2000000941.033:128400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.738376][   T29] audit: type=1326 audit(2000000941.033:128401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.762296][   T29] audit: type=1326 audit(2000000941.033:128402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1503.786287][   T29] audit: type=1326 audit(2000000941.033:128403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26796 comm="syz.7.26903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93c274e929 code=0x7ffc0000
[ 1504.058983][T26819] loop2: detected capacity change from 0 to 128
[ 1504.292137][   T29] audit: type=1326 audit(2000000941.733:128404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26829 comm="syz.9.26912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9093b2e929 code=0x7ffc0000
[ 1504.332054][T15336] bio_check_eod: 171 callbacks suppressed
[ 1504.337979][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.337979][T15336] loop2: rw=2049, sector=449, nr_sectors = 8 limit=128
[ 1504.387538][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.387538][T15336] loop2: rw=2049, sector=481, nr_sectors = 8 limit=128
[ 1504.403577][T26819] syz.2.26908: attempt to access beyond end of device
[ 1504.403577][T26819] loop2: rw=2049, sector=545, nr_sectors = 8 limit=128
[ 1504.417685][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.417685][T15336] loop2: rw=2049, sector=513, nr_sectors = 8 limit=128
[ 1504.434571][T26819] syz.2.26908: attempt to access beyond end of device
[ 1504.434571][T26819] loop2: rw=2049, sector=577, nr_sectors = 8 limit=128
[ 1504.459338][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.459338][T15336] loop2: rw=2049, sector=609, nr_sectors = 8 limit=128
[ 1504.477391][T26819] syz.2.26908: attempt to access beyond end of device
[ 1504.477391][T26819] loop2: rw=2049, sector=641, nr_sectors = 8 limit=128
[ 1504.491641][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.491641][T15336] loop2: rw=2049, sector=673, nr_sectors = 8 limit=128
[ 1504.507414][T26819] syz.2.26908: attempt to access beyond end of device
[ 1504.507414][T26819] loop2: rw=2049, sector=705, nr_sectors = 8 limit=128
[ 1504.525579][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1504.525579][T15336] loop2: rw=2049, sector=737, nr_sectors = 8 limit=128
[ 1504.869095][T26857] loop9: detected capacity change from 0 to 128
[ 1505.069207][T26862] loop8: detected capacity change from 0 to 512
[ 1505.086808][T26862] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1505.138360][T26862] EXT4-fs (loop8): 1 truncate cleaned up
[ 1505.154741][T26862] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1505.338944][T26880] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1505.338944][T26880]    program syz.2.26924 not setting count and/or reply_len properly
[ 1505.375997][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1505.513378][T26892] lo speed is unknown, defaulting to 1000
[ 1505.530678][T26892] lo speed is unknown, defaulting to 1000
[ 1505.537671][T26905] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.26930'.
[ 1505.548680][T26892] lo speed is unknown, defaulting to 1000
[ 1505.557838][T26892] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1505.576224][T26892] lo speed is unknown, defaulting to 1000
[ 1505.598169][T26892] lo speed is unknown, defaulting to 1000
[ 1505.606313][T26915] loop7: detected capacity change from 0 to 128
[ 1505.614836][T26892] lo speed is unknown, defaulting to 1000
[ 1505.626533][T26892] lo speed is unknown, defaulting to 1000
[ 1505.641932][T26892] lo speed is unknown, defaulting to 1000
[ 1505.656072][T26892] lo speed is unknown, defaulting to 1000
[ 1505.674136][T26892] lo speed is unknown, defaulting to 1000
[ 1505.684493][T26892] lo speed is unknown, defaulting to 1000
[ 1505.703840][T26892] lo speed is unknown, defaulting to 1000
[ 1505.849844][T26923] loop9: detected capacity change from 0 to 8192
[ 1505.921414][T26923]  loop9: p1 < > p2 p4
[ 1505.925651][T26923] loop9: partition table partially beyond EOD, truncated
[ 1505.960158][T26923] loop9: p1 start 408832 is beyond EOD, truncated
[ 1505.966793][T26923] loop9: p2 size 8388352 extends beyond EOD, truncated
[ 1506.237407][T26957] netlink: 12 bytes leftover after parsing attributes in process `syz.7.26942'.
[ 1506.538496][T26974] loop7: detected capacity change from 0 to 512
[ 1506.603674][T26974] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1506.616339][T26974] ext4 filesystem being mounted at /417/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1506.832017][T26985] netlink: 'syz.9.26946': attribute type 8 has an invalid length.
[ 1506.844146][T26980] lo speed is unknown, defaulting to 1000
[ 1506.854995][T26985] loop9: detected capacity change from 0 to 512
[ 1506.872645][T26985] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1506.932997][T26985] EXT4-fs (loop9): mount failed
[ 1506.972473][T27010] wireguard0: entered promiscuous mode
[ 1506.978020][T27010] wireguard0: entered allmulticast mode
[ 1507.046619][T27020] 9pnet_fd: Insufficient options for proto=fd
[ 1507.191239][T27031] SELinux:  Context system_u:object_r:ssh_agent_exec_t:s0 is not valid (left unmapped).
[ 1507.322872][T27042] FAULT_INJECTION: forcing a failure.
[ 1507.322872][T27042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1507.336069][T27042] CPU: 0 UID: 0 PID: 27042 Comm: syz.2.26954 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1507.336137][T27042] Tainted: [W]=WARN
[ 1507.336146][T27042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1507.336185][T27042] Call Trace:
[ 1507.336191][T27042]  <TASK>
[ 1507.336198][T27042]  __dump_stack+0x1d/0x30
[ 1507.336219][T27042]  dump_stack_lvl+0xe8/0x140
[ 1507.336249][T27042]  dump_stack+0x15/0x1b
[ 1507.336270][T27042]  should_fail_ex+0x265/0x280
[ 1507.336308][T27042]  should_fail+0xb/0x20
[ 1507.336335][T27042]  should_fail_usercopy+0x1a/0x20
[ 1507.336372][T27042]  _copy_from_iter+0xcf/0xe40
[ 1507.336445][T27042]  ? __build_skb_around+0x1a0/0x200
[ 1507.336480][T27042]  ? __alloc_skb+0x223/0x320
[ 1507.336593][T27042]  netlink_sendmsg+0x471/0x6b0
[ 1507.336694][T27042]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1507.336793][T27042]  __sock_sendmsg+0x142/0x180
[ 1507.336876][T27042]  ____sys_sendmsg+0x31e/0x4e0
[ 1507.336910][T27042]  ___sys_sendmsg+0x17b/0x1d0
[ 1507.337035][T27042]  __x64_sys_sendmsg+0xd4/0x160
[ 1507.337078][T27042]  x64_sys_call+0x2999/0x2fb0
[ 1507.337105][T27042]  do_syscall_64+0xd2/0x200
[ 1507.337176][T27042]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1507.337201][T27042]  ? clear_bhb_loop+0x40/0x90
[ 1507.337254][T27042]  ? clear_bhb_loop+0x40/0x90
[ 1507.337282][T27042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1507.337309][T27042] RIP: 0033:0x7fa58e91e929
[ 1507.337334][T27042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1507.337416][T27042] RSP: 002b:00007fa58cf87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1507.337434][T27042] RAX: ffffffffffffffda RBX: 00007fa58eb45fa0 RCX: 00007fa58e91e929
[ 1507.337446][T27042] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[ 1507.337472][T27042] RBP: 00007fa58cf87090 R08: 0000000000000000 R09: 0000000000000000
[ 1507.337488][T27042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1507.337502][T27042] R13: 0000000000000000 R14: 00007fa58eb45fa0 R15: 00007ffecfea65d8
[ 1507.337520][T27042]  </TASK>
[ 1507.802344][T27047] netlink: 28 bytes leftover after parsing attributes in process `syz.8.26955'.
[ 1507.832716][T27048] netlink: 28 bytes leftover after parsing attributes in process `syz.9.26956'.
[ 1507.891074][T27054] netlink: 'syz.2.26957': attribute type 8 has an invalid length.
[ 1507.932939][T27054] loop2: detected capacity change from 0 to 512
[ 1507.974499][T27054] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1508.005219][T27054] EXT4-fs (loop2): mount failed
[ 1508.097856][T27074] loop9: detected capacity change from 0 to 512
[ 1508.138445][T27072] 9pnet_fd: Insufficient options for proto=fd
[ 1508.145581][T27074] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1508.178572][T27074] ext4 filesystem being mounted at /547/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1508.532097][   T29] kauditd_printk_skb: 773 callbacks suppressed
[ 1508.532117][   T29] audit: type=1326 audit(2000000945.985:129176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa58e9158e7 code=0x7ffc0000
[ 1508.585376][   T29] audit: type=1326 audit(2000000945.985:129177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa58e8bab19 code=0x7ffc0000
[ 1508.609123][   T29] audit: type=1326 audit(2000000945.985:129178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1508.632866][   T29] audit: type=1326 audit(2000000946.025:129179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa58e9158e7 code=0x7ffc0000
[ 1508.656703][   T29] audit: type=1326 audit(2000000946.025:129180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa58e8bab19 code=0x7ffc0000
[ 1508.680561][   T29] audit: type=1326 audit(2000000946.025:129181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1508.704274][   T29] audit: type=1326 audit(2000000946.035:129182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa58e9158e7 code=0x7ffc0000
[ 1508.727973][   T29] audit: type=1326 audit(2000000946.035:129183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa58e8bab19 code=0x7ffc0000
[ 1508.751720][   T29] audit: type=1326 audit(2000000946.035:129184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1508.902061][   T29] audit: type=1326 audit(2000000946.035:129185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27053 comm="syz.2.26957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa58e9158e7 code=0x7ffc0000
[ 1508.984401][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.004331][T27091] netlink: 'syz.2.26966': attribute type 8 has an invalid length.
[ 1509.062815][T27091] loop2: detected capacity change from 0 to 512
[ 1509.102695][T27091] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1509.130221][T27091] EXT4-fs (loop2): mount failed
[ 1509.135862][T27108] netlink: 'syz.9.26969': attribute type 8 has an invalid length.
[ 1509.174923][T27104] loop9: detected capacity change from 0 to 512
[ 1509.201811][T27114] netlink: 'syz.8.26970': attribute type 8 has an invalid length.
[ 1509.230300][T27116] 9pnet_fd: Insufficient options for proto=fd
[ 1509.239379][T27114] loop8: detected capacity change from 0 to 512
[ 1509.252427][T27104] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1509.273056][T27104] EXT4-fs (loop9): mount failed
[ 1509.283622][T27114] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1509.310007][T27114] EXT4-fs (loop8): mount failed
[ 1509.318623][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.349060][T27132] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1509.415835][T27133] netlink: 'syz.7.26971': attribute type 39 has an invalid length.
[ 1509.958526][T27141] FAULT_INJECTION: forcing a failure.
[ 1509.958526][T27141] name failslab, interval 1, probability 0, space 0, times 0
[ 1509.971340][T27141] CPU: 1 UID: 0 PID: 27141 Comm: syz.2.26974 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1509.971395][T27141] Tainted: [W]=WARN
[ 1509.971402][T27141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1509.971414][T27141] Call Trace:
[ 1509.971420][T27141]  <TASK>
[ 1509.971427][T27141]  __dump_stack+0x1d/0x30
[ 1509.971512][T27141]  dump_stack_lvl+0xe8/0x140
[ 1509.971537][T27141]  dump_stack+0x15/0x1b
[ 1509.971558][T27141]  should_fail_ex+0x265/0x280
[ 1509.971596][T27141]  should_failslab+0x8c/0xb0
[ 1509.971624][T27141]  kmem_cache_alloc_noprof+0x50/0x310
[ 1509.971685][T27141]  ? getname_flags+0x80/0x3b0
[ 1509.971712][T27141]  getname_flags+0x80/0x3b0
[ 1509.971772][T27141]  __x64_sys_execve+0x42/0x70
[ 1509.971810][T27141]  x64_sys_call+0x13ab/0x2fb0
[ 1509.971836][T27141]  do_syscall_64+0xd2/0x200
[ 1509.971874][T27141]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1509.971962][T27141]  ? clear_bhb_loop+0x40/0x90
[ 1509.971989][T27141]  ? clear_bhb_loop+0x40/0x90
[ 1509.972050][T27141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1509.972077][T27141] RIP: 0033:0x7fa58e91e929
[ 1509.972096][T27141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1509.972125][T27141] RSP: 002b:00007fa58cf87038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 1509.972211][T27141] RAX: ffffffffffffffda RBX: 00007fa58eb45fa0 RCX: 00007fa58e91e929
[ 1509.972225][T27141] RDX: 0000200000000500 RSI: 0000000000000000 RDI: 0000000000000000
[ 1509.972238][T27141] RBP: 00007fa58cf87090 R08: 0000000000000000 R09: 0000000000000000
[ 1509.972272][T27141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1509.972322][T27141] R13: 0000000000000000 R14: 00007fa58eb45fa0 R15: 00007ffecfea65d8
[ 1509.972347][T27141]  </TASK>
[ 1510.830850][T27162] netlink: 'syz.8.26983': attribute type 8 has an invalid length.
[ 1510.849045][T27162] loop8: detected capacity change from 0 to 512
[ 1510.876361][T27162] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1510.909202][T27162] EXT4-fs (loop8): mount failed
[ 1510.916933][T27172] loop9: detected capacity change from 0 to 164
[ 1510.925179][T27171] netlink: 'syz.7.26985': attribute type 8 has an invalid length.
[ 1510.962957][T27171] loop7: detected capacity change from 0 to 512
[ 1510.980709][T27171] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1510.997397][T27187] FAULT_INJECTION: forcing a failure.
[ 1510.997397][T27187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1511.010586][T27187] CPU: 1 UID: 0 PID: 27187 Comm: syz.9.26987 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1511.010750][T27187] Tainted: [W]=WARN
[ 1511.010759][T27187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1511.010775][T27187] Call Trace:
[ 1511.010782][T27187]  <TASK>
[ 1511.010790][T27187]  __dump_stack+0x1d/0x30
[ 1511.010812][T27187]  dump_stack_lvl+0xe8/0x140
[ 1511.010831][T27187]  dump_stack+0x15/0x1b
[ 1511.010910][T27187]  should_fail_ex+0x265/0x280
[ 1511.010945][T27187]  should_fail+0xb/0x20
[ 1511.011004][T27187]  should_fail_usercopy+0x1a/0x20
[ 1511.011095][T27187]  _copy_from_user+0x1c/0xb0
[ 1511.011119][T27187]  ___sys_sendmsg+0xc1/0x1d0
[ 1511.011179][T27187]  __x64_sys_sendmsg+0xd4/0x160
[ 1511.011245][T27187]  x64_sys_call+0x2999/0x2fb0
[ 1511.011322][T27187]  do_syscall_64+0xd2/0x200
[ 1511.011353][T27187]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1511.011385][T27187]  ? clear_bhb_loop+0x40/0x90
[ 1511.011432][T27187]  ? clear_bhb_loop+0x40/0x90
[ 1511.011462][T27187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1511.011503][T27187] RIP: 0033:0x7f9093b2e929
[ 1511.011522][T27187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1511.011593][T27187] RSP: 002b:00007f9092197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1511.011618][T27187] RAX: ffffffffffffffda RBX: 00007f9093d55fa0 RCX: 00007f9093b2e929
[ 1511.011632][T27187] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1511.011643][T27187] RBP: 00007f9092197090 R08: 0000000000000000 R09: 0000000000000000
[ 1511.011655][T27187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.011669][T27187] R13: 0000000000000000 R14: 00007f9093d55fa0 R15: 00007fff88dbe898
[ 1511.011693][T27187]  </TASK>
[ 1511.216043][T27185] 9pnet_fd: Insufficient options for proto=fd
[ 1511.275448][T27171] EXT4-fs (loop7): mount failed
[ 1513.183998][T27234] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1513.200124][T27236] loop9: detected capacity change from 0 to 128
[ 1513.467885][T15333] bio_check_eod: 265 callbacks suppressed
[ 1513.467903][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.467903][T15333] loop9: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1513.500015][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.500015][T15333] loop9: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1513.517005][T27234] loop2: detected capacity change from 0 to 1024
[ 1513.524998][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.524998][T15333] loop9: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1513.560808][   T29] kauditd_printk_skb: 1090 callbacks suppressed
[ 1513.560825][   T29] audit: type=1326 audit(2000000951.018:130271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.562695][T27234] EXT4-fs: Ignoring removed orlov option
[ 1513.567144][   T29] audit: type=1326 audit(2000000951.018:130272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.620977][   T29] audit: type=1326 audit(2000000951.018:130273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.645038][   T29] audit: type=1326 audit(2000000951.018:130274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.661362][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.661362][T15333] loop9: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1513.668904][   T29] audit: type=1326 audit(2000000951.018:130275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.685590][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.685590][T15333] loop9: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1513.719543][   T29] audit: type=1326 audit(2000000951.018:130276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.743385][   T29] audit: type=1326 audit(2000000951.018:130277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.758106][T27243] netlink: 'syz.8.27001': attribute type 8 has an invalid length.
[ 1513.767318][   T29] audit: type=1326 audit(2000000951.018:130278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.799066][T27236] syz.9.26999: attempt to access beyond end of device
[ 1513.799066][T27236] loop9: rw=2049, sector=233, nr_sectors = 8 limit=128
[ 1513.799110][T27236] syz.9.26999: attempt to access beyond end of device
[ 1513.799110][T27236] loop9: rw=2049, sector=249, nr_sectors = 8 limit=128
[ 1513.812635][   T29] audit: type=1326 audit(2000000951.158:130279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.849983][   T29] audit: type=1326 audit(2000000951.158:130280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27242 comm="syz.8.27001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1513.877521][T27246] loop8: detected capacity change from 0 to 512
[ 1513.882421][T27236] syz.9.26999: attempt to access beyond end of device
[ 1513.882421][T27236] loop9: rw=2049, sector=265, nr_sectors = 8 limit=128
[ 1513.885083][T27234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1513.913215][T27236] syz.9.26999: attempt to access beyond end of device
[ 1513.913215][T27236] loop9: rw=2049, sector=281, nr_sectors = 8 limit=128
[ 1513.940310][T15333] kworker/u8:13: attempt to access beyond end of device
[ 1513.940310][T15333] loop9: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1513.956863][T27246] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1513.991813][T27246] EXT4-fs (loop8): mount failed
[ 1514.819763][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1514.892552][T27272] SELinux: failed to load policy
[ 1514.917839][T27273] loop8: detected capacity change from 0 to 8192
[ 1514.958150][T27273]  loop8: p1 < > p2 p4
[ 1514.962328][T27273] loop8: partition table partially beyond EOD, truncated
[ 1515.004087][T27273] loop8: p1 start 408832 is beyond EOD, truncated
[ 1515.010631][T27273] loop8: p2 size 8388352 extends beyond EOD, truncated
[ 1515.927280][T27305] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27009'.
[ 1515.942990][T27305] pim6reg1: entered promiscuous mode
[ 1515.948391][T27305] pim6reg1: entered allmulticast mode
[ 1515.981146][T27309] netlink: 8 bytes leftover after parsing attributes in process `wg1'.
[ 1516.027402][T27315] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1516.043222][T27315] loop9: detected capacity change from 0 to 1024
[ 1516.051254][T27315] EXT4-fs: Ignoring removed orlov option
[ 1516.059031][T27313] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1516.059031][T27313]    program syz.2.27011 not setting count and/or reply_len properly
[ 1516.087492][T27315] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1516.442007][T27335] loop8: detected capacity change from 0 to 512
[ 1516.459690][T27335] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1516.466254][T27335] EXT4-fs: Ignoring removed i_version option
[ 1516.512649][T27335] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 1516.543761][T27335] EXT4-fs (loop8): revision level too high, forcing read-only mode
[ 1516.566970][T27335] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1516.585800][T27335] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:483: comm syz.8.27018: Invalid block bitmap block 0 in block_group 0
[ 1516.646556][T27331] 9pnet_fd: Insufficient options for proto=fd
[ 1516.655656][T27331] loop7: detected capacity change from 0 to 128
[ 1516.664758][T27335] EXT4-fs (loop8): Remounting filesystem read-only
[ 1516.681134][T27331] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1516.693498][T27335] EXT4-fs (loop8): 1 orphan inode deleted
[ 1516.699360][T27331] ext4 filesystem being mounted at /430/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1516.733813][T27335] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1516.788848][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.817516][T18541] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1516.878365][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.928996][T27357] loop9: detected capacity change from 0 to 128
[ 1516.951304][T27353] loop2: detected capacity change from 0 to 2048
[ 1517.118029][T27369] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1517.164281][T27369] loop7: detected capacity change from 0 to 1024
[ 1517.189372][T27369] EXT4-fs: Ignoring removed orlov option
[ 1517.203471][T27369] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1517.374323][T27383] netlink: 64 bytes leftover after parsing attributes in process `syz.9.27028'.
[ 1517.436439][T27387] loop8: detected capacity change from 0 to 1024
[ 1517.451343][T27387] EXT4-fs: Ignoring removed orlov option
[ 1517.467830][T27387] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1517.679189][T27401] loop2: detected capacity change from 0 to 128
[ 1517.772991][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1517.876534][T27408] loop7: detected capacity change from 0 to 2048
[ 1517.926489][T27408] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1517.983501][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1518.080847][T27415] netlink: 'syz.8.27032': attribute type 8 has an invalid length.
[ 1518.148887][T27415] loop8: detected capacity change from 0 to 512
[ 1518.186225][T27415] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1518.217559][T27415] EXT4-fs (loop8): mount failed
[ 1518.250804][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1518.294736][T27431] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1518.323857][T27431] loop7: detected capacity change from 0 to 1024
[ 1518.346593][T27431] EXT4-fs: Ignoring removed orlov option
[ 1518.366583][T27431] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1518.573809][   T29] kauditd_printk_skb: 220 callbacks suppressed
[ 1518.573829][   T29] audit: type=1326 audit(2000000956.020:130496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1518.611452][   T29] audit: type=1326 audit(2000000956.060:130497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1518.635414][   T29] audit: type=1326 audit(2000000956.060:130498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1518.659345][   T29] audit: type=1326 audit(2000000956.060:130499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1518.683216][   T29] audit: type=1326 audit(2000000956.060:130500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1518.735801][   T29] audit: type=1326 audit(2000000956.160:130501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1518.759671][   T29] audit: type=1326 audit(2000000956.160:130502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1518.774092][T27437] lo speed is unknown, defaulting to 1000
[ 1518.783449][   T29] audit: type=1326 audit(2000000956.160:130503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f6d10ade929 code=0x7ffc0000
[ 1518.812926][   T29] audit: type=1326 audit(2000000956.170:130504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d10ad58e7 code=0x7ffc0000
[ 1518.836774][   T29] audit: type=1326 audit(2000000956.170:130505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27414 comm="syz.8.27032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d10a7ab19 code=0x7ffc0000
[ 1518.907940][T15333] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1518.972390][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1519.014950][T15333] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.028952][T27519] loop7: detected capacity change from 0 to 1024
[ 1519.056368][T27519] EXT4-fs: Ignoring removed orlov option
[ 1519.064475][T27519] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1519.079469][T27437] chnl_net:caif_netlink_parms(): no params data found
[ 1519.093047][T15333] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.141641][T27598] netlink: 'syz.8.27042': attribute type 8 has an invalid length.
[ 1519.157276][T15333] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.205124][T27610] loop8: detected capacity change from 0 to 512
[ 1519.225698][T27610] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1519.235996][T27437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.247493][T27437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1519.257391][T27610] EXT4-fs (loop8): mount failed
[ 1519.262808][T27437] bridge_slave_0: entered allmulticast mode
[ 1519.270826][T27437] bridge_slave_0: entered promiscuous mode
[ 1519.279898][T27437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1519.287173][T27437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.294517][T27437] bridge_slave_1: entered allmulticast mode
[ 1519.301208][T27437] bridge_slave_1: entered promiscuous mode
[ 1519.321574][T27437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1519.341755][T27437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1519.370483][T27665] loop8: detected capacity change from 0 to 128
[ 1519.411770][T27437] team0: Port device team_slave_0 added
[ 1519.420241][T27437] team0: Port device team_slave_1 added
[ 1519.481797][T27437] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1519.488872][T27437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1519.514969][T27437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1519.547137][   T66] bio_check_eod: 332 callbacks suppressed
[ 1519.547278][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.547278][   T66] loop8: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1519.569917][T15333] bridge_slave_1: left allmulticast mode
[ 1519.575750][T15333] bridge_slave_1: left promiscuous mode
[ 1519.581491][T15333] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.585692][T27725] netlink: 'syz.9.27045': attribute type 10 has an invalid length.
[ 1519.602606][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.602606][   T66] loop8: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1519.617908][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.617908][   T66] loop8: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1519.631649][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.631649][   T66] loop8: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1519.645874][T15333] bridge_slave_0: left promiscuous mode
[ 1519.646064][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1519.651615][T15333] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1519.668027][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.668027][   T66] loop8: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1519.681902][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.681902][   T66] loop8: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1519.695906][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.695906][   T66] loop8: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1519.709564][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.709564][   T66] loop8: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1519.727407][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.727407][   T66] loop8: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1519.742436][   T66] kworker/u8:5: attempt to access beyond end of device
[ 1519.742436][   T66] loop8: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1520.046992][T15333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1520.057817][T15333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1520.067472][T15333] bond0 (unregistering): Released all slaves
[ 1520.079285][T27725] veth0_macvtap: left promiscuous mode
[ 1520.089601][T27725] veth0_macvtap: entered promiscuous mode
[ 1520.096547][T27725] team0: Device macvtap0 failed to register rx_handler
[ 1520.103799][T27725] veth0_macvtap: left promiscuous mode
[ 1520.117160][T27437] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1520.124203][T27437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1520.150356][T27437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1520.220419][T15333] hsr_slave_0: left promiscuous mode
[ 1520.227590][T15333] hsr_slave_1: left promiscuous mode
[ 1520.233434][T15333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1520.240822][T27775] netlink: 'syz.9.27049': attribute type 8 has an invalid length.
[ 1520.248826][T15333] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1520.257736][T15333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1520.265468][T15333] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1520.290862][T15333] veth1_macvtap: left promiscuous mode
[ 1520.300400][T27742] loop9: detected capacity change from 0 to 512
[ 1520.306558][T15333] veth0_macvtap: left promiscuous mode
[ 1520.309827][T27779] loop8: detected capacity change from 0 to 128
[ 1520.312245][T15333] veth1_vlan: left promiscuous mode
[ 1520.332385][T15333] veth0_vlan: left promiscuous mode
[ 1520.341638][T27784] netlink: 'syz.7.27053': attribute type 8 has an invalid length.
[ 1520.355282][T27742] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1520.378012][T27787] loop2: detected capacity change from 0 to 1024
[ 1520.397510][T27789] loop7: detected capacity change from 0 to 512
[ 1520.403706][T27742] EXT4-fs (loop9): mount failed
[ 1520.410679][T27787] EXT4-fs: Ignoring removed orlov option
[ 1520.437590][T27787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1520.451850][T27789] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1520.485217][T27789] EXT4-fs (loop7): mount failed
[ 1520.503185][T15333] team0 (unregistering): Port device team_slave_1 removed
[ 1520.517487][T15333] team0 (unregistering): Port device team_slave_0 removed
[ 1520.566354][T27437] hsr_slave_0: entered promiscuous mode
[ 1520.572699][T27437] hsr_slave_1: entered promiscuous mode
[ 1520.579460][T27437] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1520.591934][T27437] Cannot create hsr debugfs directory
[ 1520.603606][T27780] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1520.630620][T27803] bridge0: entered promiscuous mode
[ 1520.639142][T27803] macsec1: entered promiscuous mode
[ 1520.646093][T27803] bridge0: port 3(macsec1) entered blocking state
[ 1520.653012][T27803] bridge0: port 3(macsec1) entered disabled state
[ 1520.659827][T27803] macsec1: entered allmulticast mode
[ 1520.665237][T27803] bridge0: entered allmulticast mode
[ 1520.676232][T27803] macsec1: left allmulticast mode
[ 1520.681420][T27803] bridge0: left allmulticast mode
[ 1520.694212][T27811] loop7: detected capacity change from 0 to 1024
[ 1520.700925][T27811] EXT4-fs: Ignoring removed orlov option
[ 1520.707597][T27803] bridge0: left promiscuous mode
[ 1520.716806][T27811] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1520.787050][T27823] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1520.857882][T27823] loop8: detected capacity change from 0 to 1024
[ 1520.868881][T27823] EXT4-fs: Ignoring removed orlov option
[ 1520.880389][T27823] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1520.903685][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1520.930811][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1521.004157][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1521.017582][T27893] netlink: 'syz.8.27057': attribute type 8 has an invalid length.
[ 1521.060545][T27908] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1521.069748][T27893] loop8: detected capacity change from 0 to 512
[ 1521.079179][T27910] loop2: detected capacity change from 0 to 128
[ 1521.092441][T27908] loop7: detected capacity change from 0 to 1024
[ 1521.100266][T27908] EXT4-fs: Ignoring removed orlov option
[ 1521.115826][T27908] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1521.120930][T27437] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1521.139830][T27437] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1521.158955][T27893] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1521.184141][T27437] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1521.243870][T27893] EXT4-fs (loop8): mount failed
[ 1521.294124][T27437] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1521.406700][T27437] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1521.441670][T27437] 8021q: adding VLAN 0 to HW filter on device team0
[ 1521.476144][   T66] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1521.483320][   T66] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1521.501173][ T4712] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1521.508412][ T4712] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1521.627896][T27437] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1521.638337][T27437] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1521.653931][T12293] unregister_netdevice: waiting for vcan0 to become free. Usage count = 2
[ 1521.910325][T27437] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1522.050079][T27957] loop9: detected capacity change from 0 to 128
[ 1522.217424][T27954] loop2: detected capacity change from 0 to 8192
[ 1522.241554][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1522.328425][T27976] loop7: detected capacity change from 0 to 1024
[ 1522.343911][T27976] EXT4-fs: Ignoring removed orlov option
[ 1522.432769][T27981] loop2: detected capacity change from 0 to 512
[ 1522.443386][T27983] netlink: 'syz.8.27068': attribute type 8 has an invalid length.
[ 1522.451535][T27976] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1522.461856][T27983] loop8: detected capacity change from 0 to 512
[ 1522.475273][T27981] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1522.488610][T27981] ext4 filesystem being mounted at /285/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1522.491528][T27983] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1522.514739][T27981] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.27066: corrupted inode contents
[ 1522.527368][T27981] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.27066: mark_inode_dirty error
[ 1522.544173][T27983] EXT4-fs (loop8): mount failed
[ 1522.545417][T27437] veth0_vlan: entered promiscuous mode
[ 1522.553303][T27981] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.27066: corrupted inode contents
[ 1522.569582][T27981] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.27066: mark_inode_dirty error
[ 1522.588905][T27437] veth1_vlan: entered promiscuous mode
[ 1522.610290][T27437] veth0_macvtap: entered promiscuous mode
[ 1522.627574][T27437] veth1_macvtap: entered promiscuous mode
[ 1522.653467][T27437] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1522.667572][T27437] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1522.667908][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1522.679131][T27437] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.692830][T27437] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.701680][T27437] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.710451][T27437] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1522.772070][T28008] loop9: detected capacity change from 0 to 8192
[ 1522.780055][T28013] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1522.780055][T28013]    program syz.2.27070 not setting count and/or reply_len properly
[ 1522.824514][T28008]  loop9: p1 p4 < >
[ 1522.829121][T28008] loop9: p1 start 4261412864 is beyond EOD, truncated
[ 1522.871652][T28008] serio: Serial port ptm0
[ 1522.881826][T28027] loop2: detected capacity change from 0 to 1024
[ 1522.891577][T28027] EXT4-fs: Ignoring removed orlov option
[ 1522.903689][T28027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1522.920807][T28032] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1522.931503][T18541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1522.960486][T28038] loop7: detected capacity change from 0 to 128
[ 1522.975687][T28043] netlink: 'syz.9.27076': attribute type 10 has an invalid length.
[ 1522.984149][T28043] veth0_macvtap: entered promiscuous mode
[ 1522.991682][T28043] team0: Device macvtap0 failed to register rx_handler
[ 1522.999155][T28043] veth0_macvtap: left promiscuous mode
[ 1523.041903][T28047] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1523.057928][T28047] loop9: detected capacity change from 0 to 1024
[ 1523.065019][T28047] EXT4-fs: Ignoring removed orlov option
[ 1523.103938][T28047] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1523.241693][T28053] bridge0: entered promiscuous mode
[ 1523.247148][T28053] macsec1: entered promiscuous mode
[ 1523.254362][T28053] bridge0: port 3(macsec1) entered blocking state
[ 1523.260855][T28053] bridge0: port 3(macsec1) entered disabled state
[ 1523.270471][T28053] macsec1: entered allmulticast mode
[ 1523.275919][T28053] bridge0: entered allmulticast mode
[ 1523.282820][T28053] macsec1: left allmulticast mode
[ 1523.287897][T28053] bridge0: left allmulticast mode
[ 1523.323912][T28053] bridge0: left promiscuous mode
[ 1523.391242][T28069] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1523.391242][T28069]    program syz.8.27080 not setting count and/or reply_len properly
[ 1523.428812][T28067] sd 0:0:1:0: device reset
[ 1523.482845][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1523.507837][T28075] FAULT_INJECTION: forcing a failure.
[ 1523.507837][T28075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1523.521075][T28075] CPU: 1 UID: 0 PID: 28075 Comm: syz.8.27084 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1523.521186][T28075] Tainted: [W]=WARN
[ 1523.521194][T28075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1523.521209][T28075] Call Trace:
[ 1523.521216][T28075]  <TASK>
[ 1523.521224][T28075]  __dump_stack+0x1d/0x30
[ 1523.521249][T28075]  dump_stack_lvl+0xe8/0x140
[ 1523.521271][T28075]  dump_stack+0x15/0x1b
[ 1523.521297][T28075]  should_fail_ex+0x265/0x280
[ 1523.521329][T28075]  should_fail+0xb/0x20
[ 1523.521358][T28075]  should_fail_usercopy+0x1a/0x20
[ 1523.521392][T28075]  _copy_from_user+0x1c/0xb0
[ 1523.521493][T28075]  ___sys_sendmsg+0xc1/0x1d0
[ 1523.521585][T28075]  __x64_sys_sendmsg+0xd4/0x160
[ 1523.521638][T28075]  x64_sys_call+0x2999/0x2fb0
[ 1523.521660][T28075]  do_syscall_64+0xd2/0x200
[ 1523.521693][T28075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1523.521801][T28075]  ? clear_bhb_loop+0x40/0x90
[ 1523.521822][T28075]  ? clear_bhb_loop+0x40/0x90
[ 1523.521845][T28075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1523.521866][T28075] RIP: 0033:0x7f6d10ade929
[ 1523.521883][T28075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1523.521945][T28075] RSP: 002b:00007f6d0f147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1523.521967][T28075] RAX: ffffffffffffffda RBX: 00007f6d10d05fa0 RCX: 00007f6d10ade929
[ 1523.521980][T28075] RDX: 0000000004000010 RSI: 0000200000000380 RDI: 0000000000000005
[ 1523.521994][T28075] RBP: 00007f6d0f147090 R08: 0000000000000000 R09: 0000000000000000
[ 1523.522032][T28075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1523.522044][T28075] R13: 0000000000000000 R14: 00007f6d10d05fa0 R15: 00007ffd1725f868
[ 1523.522064][T28075]  </TASK>
[ 1523.721318][T28079] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1523.721318][T28079]    program syz.2.27083 not setting count and/or reply_len properly
[ 1523.753212][   T29] kauditd_printk_skb: 457 callbacks suppressed
[ 1523.753238][   T29] audit: type=1326 audit(2000000961.213:130958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.783746][   T29] audit: type=1326 audit(2000000961.213:130959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.796162][T28081] loop8: detected capacity change from 0 to 1024
[ 1523.810659][   T29] audit: type=1326 audit(2000000961.273:130960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.817687][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1523.837715][   T29] audit: type=1326 audit(2000000961.273:130961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.849592][T28081] EXT4-fs: Ignoring removed orlov option
[ 1523.871137][   T29] audit: type=1326 audit(2000000961.273:130962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.882925][T28081] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1523.900670][   T29] audit: type=1326 audit(2000000961.333:130963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.936898][   T29] audit: type=1326 audit(2000000961.333:130964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.960733][   T29] audit: type=1326 audit(2000000961.333:130965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1523.984547][   T29] audit: type=1326 audit(2000000961.333:130966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1524.008480][   T29] audit: type=1326 audit(2000000961.333:130967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28078 comm="syz.2.27083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58e91e929 code=0x7ffc0000
[ 1524.069647][T28089] loop2: detected capacity change from 0 to 1024
[ 1524.091894][T28089] EXT4-fs: Ignoring removed orlov option
[ 1524.102042][T28089] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1524.144429][T28088] loop9: detected capacity change from 0 to 8192
[ 1524.173766][   T66] tipc: Disabling bearer <udp:syz2>
[ 1524.179106][   T66] tipc: Left network mode
[ 1524.193148][T28088]  loop9: p1 < > p2 p4
[ 1524.197316][T28088] loop9: partition table partially beyond EOD, truncated
[ 1524.223120][T28088] loop9: p1 start 408832 is beyond EOD, truncated
[ 1524.229641][T28088] loop9: p2 size 8388352 extends beyond EOD, truncated
[ 1524.276100][   T66] hsr_slave_0: left promiscuous mode
[ 1524.286629][   T66] hsr_slave_1: left promiscuous mode
[ 1524.526234][T28109] delete_channel: no stack
[ 1524.536696][T28109] loop9: detected capacity change from 0 to 1024
[ 1524.603811][T28109] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1524.617385][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1524.633679][T28109] EXT4-fs (loop9): revision level too high, forcing read-only mode
[ 1524.651034][T28109] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1524.668868][T28109] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1524.716833][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1524.731640][T28109] EXT4-fs (loop9): Remounting filesystem read-only
[ 1524.749463][T28120] loop8: detected capacity change from 0 to 1024
[ 1524.749994][T28109] EXT4-fs (loop9): 1 truncate cleaned up
[ 1524.760480][T28120] EXT4-fs: Ignoring removed orlov option
[ 1524.768407][T28109] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1524.792584][T28120] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1524.839158][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1525.019544][T28141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28141 comm=syz.5.27092
[ 1525.453179][T28140] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1525.528262][T28140] loop9: detected capacity change from 0 to 1024
[ 1525.543702][T28140] EXT4-fs: Ignoring removed orlov option
[ 1525.568825][T28140] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1525.610590][T28149] loop7: detected capacity change from 0 to 8192
[ 1525.743372][T28149]  loop7: p1 < > p2 p4
[ 1525.747551][T28149] loop7: partition table partially beyond EOD, truncated
[ 1525.768624][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1525.778103][T28149] loop7: p1 start 408832 is beyond EOD, truncated
[ 1525.784722][T28149] loop7: p2 size 8388352 extends beyond EOD, truncated
[ 1525.850171][T28170] loop2: detected capacity change from 0 to 164
[ 1525.857958][T28170] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1525.870359][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1525.924769][T28184] netlink: 24 bytes leftover after parsing attributes in process `syz.7.27109'.
[ 1525.981328][T28182] SELinux: failed to load policy
[ 1526.034655][T28195] netlink: 'syz.8.27113': attribute type 8 has an invalid length.
[ 1526.056147][T28195] loop8: detected capacity change from 0 to 512
[ 1526.067427][T28204] SELinux:  policydb magic number 0x4 does not match expected magic number 0xf97cff8c
[ 1526.078128][T28204] SELinux: failed to load policy
[ 1526.080688][T28195] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1526.098630][T28195] EXT4-fs (loop8): mount failed
[ 1526.156738][T28225] FAULT_INJECTION: forcing a failure.
[ 1526.156738][T28225] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1526.170085][T28225] CPU: 0 UID: 0 PID: 28225 Comm: syz.7.27117 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1526.170173][T28225] Tainted: [W]=WARN
[ 1526.170182][T28225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1526.170197][T28225] Call Trace:
[ 1526.170206][T28225]  <TASK>
[ 1526.170215][T28225]  __dump_stack+0x1d/0x30
[ 1526.170242][T28225]  dump_stack_lvl+0xe8/0x140
[ 1526.170266][T28225]  dump_stack+0x15/0x1b
[ 1526.170347][T28225]  should_fail_ex+0x265/0x280
[ 1526.170411][T28225]  should_fail_alloc_page+0xf2/0x100
[ 1526.170442][T28225]  __alloc_frozen_pages_noprof+0xff/0x360
[ 1526.170487][T28225]  alloc_pages_mpol+0xb3/0x250
[ 1526.170565][T28225]  vma_alloc_folio_noprof+0x1aa/0x300
[ 1526.170606][T28225]  handle_mm_fault+0xec2/0x2be0
[ 1526.170676][T28225]  ? check_vma_flags+0x315/0x340
[ 1526.170759][T28225]  __get_user_pages+0x1036/0x1fb0
[ 1526.170817][T28225]  __mm_populate+0x243/0x3a0
[ 1526.170845][T28225]  do_mlock+0x47f/0x520
[ 1526.170912][T28225]  ? __bpf_trace_sys_enter+0x10/0x30
[ 1526.170947][T28225]  ? trace_sys_enter+0xd0/0x110
[ 1526.170978][T28225]  __x64_sys_mlock2+0x71/0x90
[ 1526.171056][T28225]  x64_sys_call+0x277e/0x2fb0
[ 1526.171077][T28225]  do_syscall_64+0xd2/0x200
[ 1526.171157][T28225]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1526.171190][T28225]  ? clear_bhb_loop+0x40/0x90
[ 1526.171218][T28225]  ? clear_bhb_loop+0x40/0x90
[ 1526.171257][T28225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.171284][T28225] RIP: 0033:0x7f93c274e929
[ 1526.171303][T28225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1526.171327][T28225] RSP: 002b:00007f93c0db7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[ 1526.171352][T28225] RAX: ffffffffffffffda RBX: 00007f93c2975fa0 RCX: 00007f93c274e929
[ 1526.171438][T28225] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000200000fff000
[ 1526.171451][T28225] RBP: 00007f93c0db7090 R08: 0000000000000000 R09: 0000000000000000
[ 1526.171466][T28225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1526.171493][T28225] R13: 0000000000000000 R14: 00007f93c2975fa0 R15: 00007ffcfabc47b8
[ 1526.171595][T28225]  </TASK>
[ 1526.172891][T28226] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1526.248263][T28231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28231 comm=syz.5.27119
[ 1526.258380][T28232] loop9: detected capacity change from 0 to 1024
[ 1526.422806][T28235] bridge0: entered promiscuous mode
[ 1526.428073][T28235] macsec1: entered promiscuous mode
[ 1526.435418][T28235] bridge0: port 3(macsec1) entered blocking state
[ 1526.441995][T28235] bridge0: port 3(macsec1) entered disabled state
[ 1526.449662][T28235] macsec1: entered allmulticast mode
[ 1526.455058][T28235] bridge0: entered allmulticast mode
[ 1526.460940][T28232] EXT4-fs: Ignoring removed orlov option
[ 1526.470343][T28232] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1526.484256][T28235] macsec1: left allmulticast mode
[ 1526.489457][T28235] bridge0: left allmulticast mode
[ 1526.496453][T28235] bridge0: left promiscuous mode
[ 1526.757129][T28251] xt_hashlimit: max too large, truncated to 1048576
[ 1526.774716][T16435] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1526.775047][T28251] xt_limit: Overflow, try lower: 0/0
[ 1526.829763][T28263] loop2: detected capacity change from 0 to 512
[ 1526.838174][T28261] xt_connbytes: Forcing CT accounting to be enabled
[ 1526.839004][T28263] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1526.857327][T28263] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1526.868537][T28261] Cannot find set identified by id 0 to match
[ 1526.871413][T28263] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1526.915762][T28263] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[ 1526.927602][T28269] netlink: 'syz.8.27128': attribute type 8 has an invalid length.
[ 1526.936042][T28263] System zones: 1-12
[ 1526.954801][T28261] netlink: 'syz.9.27125': attribute type 1 has an invalid length.
[ 1526.960823][T28263] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.27126: corrupted in-inode xattr: e_value size too large
[ 1526.962717][T28261] netlink: 224 bytes leftover after parsing attributes in process `syz.9.27125'.
[ 1526.997651][T28269] loop8: detected capacity change from 0 to 512
[ 1527.013527][T28272] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1527.013527][T28272]    program syz.7.27129 not setting count and/or reply_len properly
[ 1527.020785][T28263] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.27126: couldn't read orphan inode 15 (err -117)
[ 1527.064105][T28269] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1527.089257][T28269] EXT4-fs (loop8): mount failed
[ 1527.094769][T28263] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1527.272665][T28286] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1527.316420][T20125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1527.381776][T28298] loop9: detected capacity change from 0 to 128
[ 1527.521556][T15336] bio_check_eod: 560 callbacks suppressed
[ 1527.521574][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.521574][T15336] loop9: rw=1, sector=137, nr_sectors = 8 limit=128
[ 1527.601691][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.601691][T15336] loop9: rw=1, sector=153, nr_sectors = 8 limit=128
[ 1527.618983][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.618983][T15336] loop9: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1527.632628][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.632628][T15336] loop9: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1527.674467][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.674467][T15336] loop9: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1527.700426][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.700426][T15336] loop9: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1527.736158][T28322] netlink: 'syz.7.27141': attribute type 13 has an invalid length.
[ 1527.737847][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.737847][T15336] loop9: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1527.780297][T28322] gretap0: refused to change device tx_queue_len
[ 1527.786737][T28322] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1527.824618][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.824618][T15336] loop9: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1527.879366][T28328] netlink: 'syz.8.27142': attribute type 10 has an invalid length.
[ 1527.888119][T28328] netlink: 156 bytes leftover after parsing attributes in process `syz.8.27142'.
[ 1527.897878][T28331] loop7: detected capacity change from 0 to 128
[ 1527.908849][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.908849][T15336] loop9: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1527.922790][T28331] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
[ 1527.932210][T28334] netlink: 20 bytes leftover after parsing attributes in process `syz.8.27142'.
[ 1527.941836][T15336] kworker/u8:16: attempt to access beyond end of device
[ 1527.941836][T15336] loop9: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1527.958534][T28332] FAULT_INJECTION: forcing a failure.
[ 1527.958534][T28332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1527.964413][T28331] bridge: RTM_NEWNEIGH with invalid ether address
[ 1527.971737][T28332] CPU: 1 UID: 0 PID: 28332 Comm: syz.2.27143 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1527.971787][T28332] Tainted: [W]=WARN
[ 1527.971798][T28332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1527.971815][T28332] Call Trace:
[ 1527.971824][T28332]  <TASK>
[ 1527.971835][T28332]  __dump_stack+0x1d/0x30
[ 1527.971865][T28332]  dump_stack_lvl+0xe8/0x140
[ 1527.971908][T28332]  dump_stack+0x15/0x1b
[ 1527.971929][T28332]  should_fail_ex+0x265/0x280
[ 1527.971970][T28332]  should_fail+0xb/0x20
[ 1527.972005][T28332]  should_fail_usercopy+0x1a/0x20
[ 1527.972092][T28332]  _copy_from_user+0x1c/0xb0
[ 1527.972118][T28332]  ___sys_sendmsg+0xc1/0x1d0
[ 1527.972181][T28332]  __x64_sys_sendmsg+0xd4/0x160
[ 1527.972305][T28332]  x64_sys_call+0x2999/0x2fb0
[ 1527.972333][T28332]  do_syscall_64+0xd2/0x200
[ 1527.972375][T28332]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1527.972422][T28332]  ? clear_bhb_loop+0x40/0x90
[ 1527.972474][T28332]  ? clear_bhb_loop+0x40/0x90
[ 1527.972503][T28332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1527.972542][T28332] RIP: 0033:0x7fa58e91e929
[ 1527.972559][T28332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1527.972655][T28332] RSP: 002b:00007fa58cf87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1527.972679][T28332] RAX: ffffffffffffffda RBX: 00007fa58eb45fa0 RCX: 00007fa58e91e929
[ 1527.972730][T28332] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000b
[ 1527.972747][T28332] RBP: 00007fa58cf87090 R08: 0000000000000000 R09: 0000000000000000
[ 1527.972764][T28332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1527.972814][T28332] R13: 0000000000000000 R14: 00007fa58eb45fa0 R15: 00007ffecfea65d8
[ 1527.972838][T28332]  </TASK>
[ 1528.412986][T28354] FAULT_INJECTION: forcing a failure.
[ 1528.412986][T28354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1528.426115][T28354] CPU: 0 UID: 0 PID: 28354 Comm: syz.9.27149 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1528.426217][T28354] Tainted: [W]=WARN
[ 1528.426224][T28354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1528.426236][T28354] Call Trace:
[ 1528.426244][T28354]  <TASK>
[ 1528.426254][T28354]  __dump_stack+0x1d/0x30
[ 1528.426280][T28354]  dump_stack_lvl+0xe8/0x140
[ 1528.426304][T28354]  dump_stack+0x15/0x1b
[ 1528.426380][T28354]  should_fail_ex+0x265/0x280
[ 1528.426416][T28354]  should_fail+0xb/0x20
[ 1528.426444][T28354]  should_fail_usercopy+0x1a/0x20
[ 1528.426507][T28354]  _copy_to_user+0x20/0xa0
[ 1528.426554][T28354]  simple_read_from_buffer+0xb5/0x130
[ 1528.426589][T28354]  proc_fail_nth_read+0x100/0x140
[ 1528.426622][T28354]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1528.426739][T28354]  vfs_read+0x1a0/0x6f0
[ 1528.426774][T28354]  ? kmem_cache_free+0xdf/0x300
[ 1528.426802][T28354]  ? __pfx___bpf_trace_sys_enter+0x10/0x10
[ 1528.426899][T28354]  ksys_read+0xda/0x1a0
[ 1528.426947][T28354]  __x64_sys_read+0x40/0x50
[ 1528.427006][T28354]  x64_sys_call+0x2d77/0x2fb0
[ 1528.427034][T28354]  do_syscall_64+0xd2/0x200
[ 1528.427066][T28354]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1528.427166][T28354]  ? clear_bhb_loop+0x40/0x90
[ 1528.427192][T28354]  ? clear_bhb_loop+0x40/0x90
[ 1528.427289][T28354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1528.427373][T28354] RIP: 0033:0x7f9093b2d33c
[ 1528.427392][T28354] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1528.427415][T28354] RSP: 002b:00007f9092176030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1528.427439][T28354] RAX: ffffffffffffffda RBX: 00007f9093d56080 RCX: 00007f9093b2d33c
[ 1528.427456][T28354] RDX: 000000000000000f RSI: 00007f90921760a0 RDI: 0000000000000004
[ 1528.427469][T28354] RBP: 00007f9092176090 R08: 0000000000000000 R09: 0000000000000000
[ 1528.427529][T28354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1528.427541][T28354] R13: 0000000000000000 R14: 00007f9093d56080 R15: 00007fff88dbe898
[ 1528.427561][T28354]  </TASK>
[ 1528.726653][T28367] netlink: 'syz.2.27152': attribute type 8 has an invalid length.
[ 1528.742466][T28359] loop2: detected capacity change from 0 to 512
[ 1528.761951][T28359] __quota_error: 429 callbacks suppressed
[ 1528.761967][T28359] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[ 1528.787244][T28359] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1528.813053][T28359] EXT4-fs (loop2): mount failed
[ 1528.963556][T28383] sd 0:0:1:0: device reset
[ 1529.073906][T28389] netlink: 'syz.8.27158': attribute type 10 has an invalid length.
[ 1529.083174][T28389] netlink: 156 bytes leftover after parsing attributes in process `syz.8.27158'.
[ 1529.093429][T28389] netlink: 20 bytes leftover after parsing attributes in process `syz.8.27158'.
[ 1529.157161][   T29] audit: type=1400 audit(2000000966.615:131393): avc:  denied  { unmount } for  pid=20673 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1529.277119][T28398] loop8: detected capacity change from 0 to 256
[ 1529.292959][T28398] FAT-fs (loop8): codepage cp857 not found
[ 1529.303100][T28398] loop8: detected capacity change from 0 to 512
[ 1529.309524][T28398] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1529.316290][T28398] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1529.327316][T28398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[ 1529.335306][T28398] System zones: 1-12
[ 1529.341772][T28398] EXT4-fs (loop8): 1 truncate cleaned up
[ 1529.347819][T28398] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1529.384960][   T29] audit: type=1326 audit(2000000966.845:131394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.386616][T28408] netlink: 'syz.5.27163': attribute type 8 has an invalid length.
[ 1529.410676][   T29] audit: type=1326 audit(2000000966.845:131395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.440562][   T29] audit: type=1326 audit(2000000966.845:131396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.464417][   T29] audit: type=1326 audit(2000000966.845:131397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.488154][   T29] audit: type=1326 audit(2000000966.845:131398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.512007][   T29] audit: type=1326 audit(2000000966.845:131399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.535798][   T29] audit: type=1326 audit(2000000966.845:131400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.559589][   T29] audit: type=1326 audit(2000000966.845:131401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28407 comm="syz.5.27163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c27fee929 code=0x7ffc0000
[ 1529.593974][T28411] 9pnet_fd: Insufficient options for proto=fd
[ 1530.055607][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1530.240771][ T2873] usb usb6-port1: attempt power cycle
[ 1530.264288][T28425] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1530.476025][T28432] 9pnet_fd: Insufficient options for proto=fd
[ 1530.483743][T28432] loop8: detected capacity change from 0 to 128
[ 1530.492371][T28432] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1530.507718][T28432] ext4 filesystem being mounted at /358/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1530.624339][T20673] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1530.683654][T28445] netlink: 'syz.8.27171': attribute type 10 has an invalid length.
[ 1530.692200][T28445] netlink: 156 bytes leftover after parsing attributes in process `syz.8.27171'.
[ 1530.700533][T28438] lo speed is unknown, defaulting to 1000
[ 1530.749951][T28465] netlink: 20 bytes leftover after parsing attributes in process `syz.8.27171'.
[ 1530.881379][T28469] SELinux: failed to load policy
[ 1531.219748][T28480] 9pnet_fd: Insufficient options for proto=fd
[ 1531.227089][T28480] loop2: detected capacity change from 0 to 128
[ 1531.235213][T28480] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1531.249504][T28480] ext4 filesystem being mounted at /310/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1531.297095][T20125] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1531.388800][T28494] sd 0:0:1:0: device reset
[ 1531.496881][T28496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.27183'.
[ 1531.576401][T28500] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1531.583666][T28500] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1531.622944][T28500] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1531.633355][T28500] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1531.661928][T28500] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1531.671109][T28500] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1531.680102][T28500] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1531.689300][T28500] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1531.800924][T28505] netlink: 'syz.5.27186': attribute type 8 has an invalid length.
[ 1531.885460][T28511] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1531.899903][T28511] loop8: detected capacity change from 0 to 1024
[ 1531.906614][T28511] EXT4-fs: Ignoring removed orlov option
[ 1531.914641][T28511] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1531.987982][T28511] ==================================================================
[ 1531.996097][T28511] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[ 1532.004353][T28511] 
[ 1532.006698][T28511] write to 0xffff888119f15bb0 of 4 bytes by task 28515 on cpu 1:
[ 1532.014445][T28511]  writeback_single_inode+0x14a/0x3e0
[ 1532.019830][T28511]  sync_inode_metadata+0x5b/0x90
[ 1532.024774][T28511]  generic_buffers_fsync_noflush+0xd9/0x120
[ 1532.030683][T28511]  ext4_sync_file+0x1ab/0x690
[ 1532.035371][T28511]  vfs_fsync_range+0x10d/0x130
[ 1532.040161][T28511]  ext4_buffered_write_iter+0x34f/0x3c0
[ 1532.045716][T28511]  ext4_file_write_iter+0x383/0xf00
[ 1532.050925][T28511]  iter_file_splice_write+0x5f2/0x970
[ 1532.056357][T28511]  direct_splice_actor+0x153/0x2a0
[ 1532.061526][T28511]  splice_direct_to_actor+0x30f/0x680
[ 1532.066928][T28511]  do_splice_direct+0xda/0x150
[ 1532.071792][T28511]  do_sendfile+0x380/0x650
[ 1532.076218][T28511]  __x64_sys_sendfile64+0x105/0x150
[ 1532.081430][T28511]  x64_sys_call+0xb39/0x2fb0
[ 1532.086030][T28511]  do_syscall_64+0xd2/0x200
[ 1532.090557][T28511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.096479][T28511] 
[ 1532.098803][T28511] read to 0xffff888119f15bb0 of 4 bytes by task 28511 on cpu 0:
[ 1532.106438][T28511]  __mark_inode_dirty+0x52/0x760
[ 1532.111453][T28511]  ext4_write_inline_data_end+0x3e5/0x5f0
[ 1532.117203][T28511]  ext4_write_end+0x4cd/0x730
[ 1532.121897][T28511]  generic_perform_write+0x30f/0x490
[ 1532.127187][T28511]  ext4_buffered_write_iter+0x1ee/0x3c0
[ 1532.132741][T28511]  ext4_file_write_iter+0x383/0xf00
[ 1532.137951][T28511]  iter_file_splice_write+0x5f2/0x970
[ 1532.143368][T28511]  direct_splice_actor+0x153/0x2a0
[ 1532.148509][T28511]  splice_direct_to_actor+0x30f/0x680
[ 1532.153917][T28511]  do_splice_direct+0xda/0x150
[ 1532.158710][T28511]  do_sendfile+0x380/0x650
[ 1532.163142][T28511]  __x64_sys_sendfile64+0x105/0x150
[ 1532.168363][T28511]  x64_sys_call+0xb39/0x2fb0
[ 1532.172973][T28511]  do_syscall_64+0xd2/0x200
[ 1532.177513][T28511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.183425][T28511] 
[ 1532.185755][T28511] value changed: 0x00000038 -> 0x00000002
[ 1532.191488][T28511] 
[ 1532.193822][T28511] Reported by Kernel Concurrency Sanitizer on:
[ 1532.199986][T28511] CPU: 0 UID: 0 PID: 28511 Comm: syz.8.27188 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1532.214152][T28511] Tainted: [W]=WARN
[ 1532.217967][T28511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1532.228030][T28511] ==================================================================
[ 1532.239891][ T2873] usb usb6-port1: unable to enumerate USB device
[ 1532.252233][T28345] hub 6-0:1.0: USB hub found
[ 1532.257505][T28345] hub 6-0:1.0: 8 ports detected
[ 1532.332014][T28511] ==================================================================
[ 1532.340160][T28511] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[ 1532.348189][T28511] 
[ 1532.350527][T28511] write to 0xffff888119f15bb0 of 4 bytes by task 28515 on cpu 0:
[ 1532.358263][T28511]  writeback_single_inode+0x14a/0x3e0
[ 1532.363659][T28511]  sync_inode_metadata+0x5b/0x90
[ 1532.368615][T28511]  generic_buffers_fsync_noflush+0xd9/0x120
[ 1532.374530][T28511]  ext4_sync_file+0x1ab/0x690
[ 1532.379260][T28511]  vfs_fsync_range+0x10d/0x130
[ 1532.384040][T28511]  ext4_buffered_write_iter+0x34f/0x3c0
[ 1532.389603][T28511]  ext4_file_write_iter+0x383/0xf00
[ 1532.394826][T28511]  iter_file_splice_write+0x5f2/0x970
[ 1532.400217][T28511]  direct_splice_actor+0x153/0x2a0
[ 1532.405370][T28511]  splice_direct_to_actor+0x30f/0x680
[ 1532.410755][T28511]  do_splice_direct+0xda/0x150
[ 1532.415528][T28511]  do_sendfile+0x380/0x650
[ 1532.420050][T28511]  __x64_sys_sendfile64+0x105/0x150
[ 1532.425258][T28511]  x64_sys_call+0xb39/0x2fb0
[ 1532.429855][T28511]  do_syscall_64+0xd2/0x200
[ 1532.434379][T28511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.440348][T28511] 
[ 1532.442687][T28511] read to 0xffff888119f15bb0 of 4 bytes by task 28511 on cpu 1:
[ 1532.450330][T28511]  vfs_fsync_range+0x9b/0x130
[ 1532.455030][T28511]  ext4_buffered_write_iter+0x34f/0x3c0
[ 1532.460604][T28511]  ext4_file_write_iter+0x383/0xf00
[ 1532.465814][T28511]  iter_file_splice_write+0x5f2/0x970
[ 1532.471198][T28511]  direct_splice_actor+0x153/0x2a0
[ 1532.476329][T28511]  splice_direct_to_actor+0x30f/0x680
[ 1532.481717][T28511]  do_splice_direct+0xda/0x150
[ 1532.486497][T28511]  do_sendfile+0x380/0x650
[ 1532.490923][T28511]  __x64_sys_sendfile64+0x105/0x150
[ 1532.496135][T28511]  x64_sys_call+0xb39/0x2fb0
[ 1532.500766][T28511]  do_syscall_64+0xd2/0x200
[ 1532.505292][T28511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.511192][T28511] 
[ 1532.513516][T28511] value changed: 0x00000038 -> 0x00000002
[ 1532.519229][T28511] 
[ 1532.521569][T28511] Reported by Kernel Concurrency Sanitizer on:
[ 1532.527736][T28511] CPU: 1 UID: 0 PID: 28511 Comm: syz.8.27188 Tainted: G        W           6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[ 1532.541983][T28511] Tainted: [W]=WARN
[ 1532.545798][T28511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1532.555857][T28511] ==================================================================
[ 1532.582555][T20673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1534.078380][ T2868] usb usb6-port1: attempt power cycle
[ 1535.906535][ T2868] usb usb6-port1: unable to enumerate USB device