last executing test programs:

2m42.230922417s ago: executing program 32 (id=33):
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x10}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_clone(0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, 0x0, &(0x7f00000001c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8982, &(0x7f0000000080))
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x122, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000240))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110c23003f)

2m40.597610296s ago: executing program 0 (id=44):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r1=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000380)={0x240, 0x5, 0x0, 0x3, 0x1ff, 0x7, 0x6891, 0xb, r1}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300), r2)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0xfd3e, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r3)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r3, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x34, r4, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @private}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @multicast1=0xe0000002}, @NLBL_UNLABEL_A_SECCTX={0xf, 0x7, 'unconfined\x00'}]}, 0x34}, 0x2, 0x34005}, 0x0)
socket$rds(0x15, 0x5, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="34000000020601030000000000000000000000060500054e9f040000000005000100000005000400010000000500040003000000"], 0x34}, 0x1, 0x0, 0x0, 0x400c040}, 0x14)
r6 = memfd_create(&(0x7f0000000180)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\xfa\x8b\x8aWpA\xd4\x98\x85K\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/m\xdf\xb6]\xc2\xaa\x86\xec(\xf7\xcd\xa6\xd9n^.\x13*\xd4\xb8\xe8\xc4\xefb\x14Vx\xc6\xfe\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97$\xee\x845n,B\xd5?\xe5E:+Pm\x1d\xb4\xb8\xeb\xe8Op2\x82\xc7\x0e\x97\x03\xef\x1a\xa5\x00.\x89\b!m\f\xd9\x8b$}\x9f\fX\x81\xa8\xf6\x94\xbc\xed\x80|l]\xe9\xca\xd3\xc9\xa3\x9e\x9cJI\xf1\xa2\xa0\xc4:\x00\x00\x00\x00\x00\x00\b\xfey\bJ\x86\x8d\xdf\x16\xbb3\x85\xf5\xe0zYe\xc2\n\x0f\x87\xc4\x8f\x8e\xec\xee\xcd\f\xe9\xc8\xbc\x97,\xb7!\xf2\x93\xd3\t\xd9=\x93\x1d\x945\x97\x1e\x9d\xa6\xe9\xa6\xf9p,\xf7v>\xcd\xd9\xc4\x1b\x9c(\xb8\x90\xdeg\xbf[n\x82\x96\xaev\xd4\xac \x14\xf0\x18@\xc3\xf1\xe2\x14\x1c\x0f\xa4-\xde\xae\xfa;\xaf\xae\x06\x9ag\x02\x98\xd0C2\xe7?\xfb\xb01\x9d\xf8\xd3Q\xb3\xb2\x18V\xe8\x8c\x87\xf4\t\x1c\x85\xa4\xc1\xb1\xf4k!G\xf5\xbb\xbbs&\xeac\xb3\xafW\x846\v\xb3\xca\xeb\xb7\x9e\x9e#]\x10lj\xaf\xaf\xd1\'{\x11\xaa,\x0f\xc5OY\"\x82\x84\xb6:J\x8c\xf37\x1d\xca\xf1\xef\x9f\xcf\a\xcf\xcb', 0x0)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x41, 0x0)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84000)
write$binfmt_misc(r8, &(0x7f0000000b00), 0x91)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0)
splice(r7, 0x0, r6, &(0x7f00000000c0)=0x8008, 0xfff, 0x1)

2m40.464731419s ago: executing program 0 (id=47):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000100)={[{@grpid}, {@barrier}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18)
creat(&(0x7f0000000200)='./bus\x00', 0x0)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

2m39.815694582s ago: executing program 0 (id=52):
r0 = socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r3, 0x0, 0x20000000002}, 0x18)
sendmsg$key(r0, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a06000300000028bd7008fcd1df25010018"], 0x18}}, 0x40)

2m39.755755838s ago: executing program 0 (id=54):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x677, &(0x7f0000000c00)="$eJzs3UtvG9fdx/HfUNT1AYwHbREYhmOd2A0goy5NUrECwV2UHQ6lSUkOMUMV0ipwYykwTDmt7QK1Nqk2vQDtG+gumyz6Igp0nXXfQJcFgnZXoBsWc+NFnBFp3ew234+Q8HDOf+b85+I5GpFzRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZdL5crlppue2fX5LPrvtc6pT5e2rzuxoW7U9uVrPA/LS3pejzp+neG1e+E/7utm/G7m1oKX5Z09H/v/P/DbxcL6fynJHQWet0Fvnh19PRRr7f//Gyt9a2zzHcpJjJRYYa5tpy2G3huq7blGDfwzObGRvn+diMwDbfpBHtB12kZ23cKXc83a/ZdU9ncXDdOac/baW/Va00nnfjh96vl8ob5aDHZ/fc/KgX2tttsuu2tKCasDmMWB0eIU2sZc/Ckt78+LckwqDJLUHVaULVcrVYq1Wpl48Hmgw/L5eLEhPIJmogYHrRvz87HVbqgMzdwfoWw//+bJTW1pLZ2tCuT+WOrLl+eWjn1ibT/f/++c2q7o/1/2stfH1bfUNT/34rf3crr/3NyMTLRDFk1Vs70s/280Csd6akeqaee9vX8Ypa7enEZXu7PllSUXAXy5KqlmrbkyCRTjDa1oQ2V9bG21VAgo4ZcNeUo0J4CdeWoFe0TX45q6sqTL6M12boro4o2tal1GTkqaU+edtTWluqq6V/9fv9AT6Ltvn5KjkqDKrMEFQfH4GRQXv//08/jOV6v/8f/nsGxM0MM8Mb1k+v/fHNZE1cvLyMAAAAAAHDRrOiv71b02f27kvpquE2n/KbTAgAAAAAAFyj65P9m+DIflt6VlXP937/63AAAAAAAwMWwonvsLEkr0Zf6reGdULN8CSDz5gAAAAAAAPB2iT7/v7Ug9aOh1VZlvdb1PwAAAAAA+C/w25Ex9ovpGLv99GP9gqSgs2j9+R+L8uet487ud63DWlhTO0xiJr4B0G3csIqKB+qNxutdkBS9s52bVjI+cDIIphUP7Ct9fTBtrH/LP5HAwlz654uMBK4djSSwUUze6fd6L455L2n38VFBUU3cykrDbTol22s+rKhWu1boOrvdXzx78kvJH6znwZPefumTz3qPo1yOw0nHh2Een4+lU5iWy8tovIXonousNV5WI23yd+3WihW1W07Xf061w8JoQ7Ot/691O465vRK/rhyle0DWr5JCpRTtsuHaR6NDWMMsKifXPGtH5GSxFGVxJ465s3Ynfknzi/fC0vfmpGppch/4o1lUR7OYvi2sf05siylZhMfCepjFX8IF5WSx/npZTOwRAHhTDoa9UDSI+eQY+yf73Yyz3HLymnuWm967/3C8lZd/7Mc3HM5JRfUXk+6ln9+vKDyjr8VhC/Eo7sUbGWf0ctKvLCnnjF4+R+8WtvWn4TOQkqfVJDXFQRb/7vf7DytRu3840at+Ec7wRW67QbM6F27C+y8PfxYNgB/6dP/T/WfV6vpG+YNy+UFV89FqJC/0PQCADNOfsTMesTTszwZ99weDq+rHf38/Lo31u98afKWgpE/0mXp6rHvpIwRWs9tdGfkawr3Jq9YwNvqtYzy2onu5V3VRXzoSWx3EziudZfz3hWHs+mXvBgAArtTtKf3wyf4/69r9XnrdvXYj87p7vC8/+YTgvNjKFW8JAAC+ORz/a2ul+xvL993Ox5XNzUqtu+0Y37N/bHy3vuUYt911fHu71t5yTMf3up7tNU3H16JbdwIT7HQ6nt81Dc83HS9wd6Mnv5vk0e+B06q1u64ddJpOLXCM7bW7Nbtr6m5gm87Oj5pusO340cxBx7HdhmvXuq7XNoG3LNspGRM4zkigW3faXbfhhsW26fhuq+bvmZ94zZ2WY+pOYPtup+vFC0zbctsNz29Fiy2pf9qDDgEA+MZ48ero6aNeb//5KYVjxYX0+2hJ1VcZwQtZC3zDqwgAAE6glwYAAAAAAAAAAAAAAAAAAAAA4O03y/1/pxbSmwLTKfPKCJYGU35+baYlWxpO+fKv58rwDIXCySnJSLv96bN/FReKWTHLYWFBUi/d/KMxx1MTm8uYK6+wOtOaKi4UL34bLktZR8KlFX5wMH4cTsSElZlVi4OtWjz/P4eswrMvc6qmH1GL49tw4bQVHC8UJT1fOMcuuNrzEICr958AAAD//7gMOck=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x4, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffc}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x4, 0xfffffffffffffffe}]}, 0x108)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x9, 0x3a, 'M', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)

2m39.609379742s ago: executing program 0 (id=58):
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x1f5a685c}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x64e8, 0x0, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000300))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000240)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
unshare(0x22020400)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
unshare(0x2060280)
r4 = fsmount(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
mq_open(&(0x7f0000000000)='..\x00', 0x0, 0x0, 0x0)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r6, 0x0)
ioctl$SIOCX25SFACILITIES(r6, 0x89e3, &(0x7f0000000000)={0x42, 0xabe, 0x8, 0x4000000a, 0xffffff80})
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, 0x0, 0x8844)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMSET(r4, 0x5418, &(0x7f00000000c0)=0xffffbdfe)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000020029bd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c01006002c00128002fd01006d616373656302000000028000000b0005000000000005000f000000000002404e22000000000d000900000005001000df0000002300116f87f7deddf583"], 0x3f}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

2m38.251204905s ago: executing program 0 (id=66):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000000000001a0000000c00018008000100", @ANYRES32=r4], 0x20}}, 0x0) (fail_nth: 4)

2m38.251000935s ago: executing program 33 (id=66):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000000000001a0000000c00018008000100", @ANYRES32=r4], 0x20}}, 0x0) (fail_nth: 4)

2m23.477203771s ago: executing program 6 (id=226):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000100)={[{@grpid}, {@barrier}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a385000000"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18)
creat(&(0x7f0000000200)='./bus\x00', 0x0)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

2m23.129642444s ago: executing program 6 (id=234):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xc, [@fwd={0x1}, @union={0x2, 0x1, 0x0, 0x5, 0x0, 0x0, [{0xa, 0x1}]}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000001540)=""/74, 0x48, 0x4a, 0x1}, 0x28)

2m21.857118478s ago: executing program 6 (id=250):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlinkat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000aa40)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)

2m21.517797021s ago: executing program 6 (id=256):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r4 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m20.440003896s ago: executing program 6 (id=268):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000080)='./file1\x00', 0x103c00, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

2m20.09089884s ago: executing program 6 (id=274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x1, 0x0) (fail_nth: 2)

2m20.043550545s ago: executing program 34 (id=274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x1, 0x0) (fail_nth: 2)

32.672255514s ago: executing program 7 (id=1366):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01032757c38d085641a7260000000c00"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

32.541690716s ago: executing program 7 (id=1367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
gettid()
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340))
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x2000000, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff000200000000e1ffffff851000000600000018000000", @ANYRES32, @ANYBLOB="000000000000000066080200ffd00000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)

32.493994331s ago: executing program 5 (id=1368):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r3=>0x0})
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r4, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close(r5)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1be607000000000000000000a100000000000000", @ANYRES32=r0, @ANYBLOB='\t\x00'/20, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0400000001000000030000000000"], 0x50)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0x10000}, {0x10000002, 0x0, 0x4, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
close(r7)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x12100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10, 0x0}, 0x10)
r11 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff})
recvmsg$unix(r12, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r13=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r11, 0x84, 0x64, &(0x7f0000000000)=r13, 0x10)
setsockopt$sock_attach_bpf(r7, 0x84, 0x6e, &(0x7f0000000000)=r10, 0x10)

31.37522793s ago: executing program 5 (id=1371):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xc, [@fwd={0x1}, @union={0x2, 0x1, 0x0, 0x5, 0x0, 0x0, [{0xa, 0x1}]}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000001540)=""/74, 0x48, 0x4a, 0x1}, 0x28)

30.482198836s ago: executing program 5 (id=1377):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x4c, r3, 0x1, 0xfffffffd, 0x25dfdbfc, {0x4f}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xab}}, {0x8}, {0x6, 0x11, 0xffff}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x90)
r4 = syz_usb_connect(0x6, 0x24, 0x0, 0x0)
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESHEX=0x0, @ANYRESHEX=r4, @ANYRES8=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

29.82720699s ago: executing program 7 (id=1379):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000011000101000000000001000000000000", @ANYRES32=r5], 0x20}}, 0x2000c004)
close(r0)

28.379064061s ago: executing program 5 (id=1384):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

28.277824391s ago: executing program 7 (id=1389):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r4 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xc, [@fwd={0x1}, @union={0x2, 0x1, 0x0, 0x5, 0x0, 0x0, [{0xa, 0x1}]}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000001540)=""/74, 0x48, 0x4a, 0x1}, 0x28)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

27.012850874s ago: executing program 7 (id=1391):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="b40000000107010100008000000000000700000708000540000000010800054000000000340007800800024000000006080001"], 0xb4}, 0x1, 0x0, 0x0, 0x40000}, 0x24004800)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x0, 0x25cfdbfc, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x24040095}, 0x0)

26.027892479s ago: executing program 5 (id=1394):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newtaction={0x74, 0x30, 0xb, 0xfffffffd, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0xe3, 0x6, 0xffffffffeffffffd, 0x8, 0x5}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x62e}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f00000001c0)={0x5, 0x80, 0x18, 0x70, 0x2, 0x41, 0x0, 0x5, 0x100, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_config_ext={0x800, 0xfffffffffffff001}, 0x8000, 0x43ea, 0x6, 0x4, 0x7519, 0x81, 0x4, 0x0, 0xe3, 0x0, 0x7ff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @multicast2}]}, &(0x7f0000000180)=0x10)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
close_range(r4, 0xffffffffffffffff, 0x0)

25.339225817s ago: executing program 7 (id=1404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r3=>0x0})
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r4, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close(r5)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1be607000000000000000000a100000000000000", @ANYRES32=r0, @ANYBLOB='\t\x00'/20, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="04000000010000000300"/21], 0x50)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0x10000}, {0x10000002, 0x0, 0x4, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
close(r7)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x12100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10, 0x0}, 0x10)
r11 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff})
recvmsg$unix(r12, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r13=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r11, 0x84, 0x64, &(0x7f0000000000)=r13, 0x10)
setsockopt$sock_attach_bpf(r7, 0x84, 0x6e, &(0x7f0000000000)=r10, 0x10)

25.337806466s ago: executing program 35 (id=1404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0xd)
r2 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r3=>0x0})
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r4, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close(r5)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1be607000000000000000000a100000000000000", @ANYRES32=r0, @ANYBLOB='\t\x00'/20, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="04000000010000000300"/21], 0x50)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0x10000}, {0x10000002, 0x0, 0x4, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
close(r7)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x12100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10, 0x0}, 0x10)
r11 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff})
recvmsg$unix(r12, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r13=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r11, 0x84, 0x64, &(0x7f0000000000)=r13, 0x10)
setsockopt$sock_attach_bpf(r7, 0x84, 0x6e, &(0x7f0000000000)=r10, 0x10)

25.241219556s ago: executing program 5 (id=1407):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x9}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x110, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0xd8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xcd, 0x7f, 0x8, 0x0, 0x0, 0x0, 0x2}}, {0x4}}, {{0x1c, 0x1, {0x2, 0xec, 0x3, 0xd, 0x0, 0x8001, 0x7, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x6, 0x2, 0x7d4, 0x10000000, 0x1, 0x0, 0x8001, 0x3}}, {0xa, 0x2, [0x600, 0x8000, 0x7]}}, {{0xfffffffffffffe3c, 0x1, {0xa0, 0x8, 0x83c5, 0x2a, 0x2, 0x1, 0xfffffffa}}, {0x4}}, {{0x1c, 0x1, {0x4, 0x2, 0x6, 0x77dd, 0x1, 0x7, 0x9, 0x4}}, {0xc, 0x2, [0x1, 0x1000, 0x69c4, 0xfff6]}}, {{0x1c, 0x1, {0x7, 0x79, 0x8, 0x8, 0x0, 0x41, 0xf}}, {0x4}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
syz_clone3(0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000500)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000100)={r4, 0x1, r3, 0x200000})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
r7 = syz_clone(0x4000, &(0x7f0000001000), 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r6, &(0x7f0000000400)=r7, 0x12)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f00000009c0)={&(0x7f0000000580), 0xc, &(0x7f0000000980)={&(0x7f0000000780)={0x34, 0x0, 0x0, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x31}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x41}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}]}, 0x34}, 0x1, 0x0, 0x0, 0x8080}, 0x40000)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r11, 0x0, 0x4804}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r10, 0x40505330, &(0x7f00000001c0)={0x800000, 0x0, 0xfdfffffd, 0x5, 0x3fbd, 0x7})
close_range(r9, 0xffffffffffffffff, 0xfbff)

25.230293467s ago: executing program 36 (id=1407):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x9}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x110, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0xd8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xcd, 0x7f, 0x8, 0x0, 0x0, 0x0, 0x2}}, {0x4}}, {{0x1c, 0x1, {0x2, 0xec, 0x3, 0xd, 0x0, 0x8001, 0x7, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x6, 0x2, 0x7d4, 0x10000000, 0x1, 0x0, 0x8001, 0x3}}, {0xa, 0x2, [0x600, 0x8000, 0x7]}}, {{0xfffffffffffffe3c, 0x1, {0xa0, 0x8, 0x83c5, 0x2a, 0x2, 0x1, 0xfffffffa}}, {0x4}}, {{0x1c, 0x1, {0x4, 0x2, 0x6, 0x77dd, 0x1, 0x7, 0x9, 0x4}}, {0xc, 0x2, [0x1, 0x1000, 0x69c4, 0xfff6]}}, {{0x1c, 0x1, {0x7, 0x79, 0x8, 0x8, 0x0, 0x41, 0xf}}, {0x4}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
syz_clone3(0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000500)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000100)={r4, 0x1, r3, 0x200000})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
r7 = syz_clone(0x4000, &(0x7f0000001000), 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r6, &(0x7f0000000400)=r7, 0x12)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f00000009c0)={&(0x7f0000000580), 0xc, &(0x7f0000000980)={&(0x7f0000000780)={0x34, 0x0, 0x0, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x31}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x41}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}]}, 0x34}, 0x1, 0x0, 0x0, 0x8080}, 0x40000)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r11, 0x0, 0x4804}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r10, 0x40505330, &(0x7f00000001c0)={0x800000, 0x0, 0xfdfffffd, 0x5, 0x3fbd, 0x7})
close_range(r9, 0xffffffffffffffff, 0xfbff)

12.515135964s ago: executing program 9 (id=1512):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x677, &(0x7f0000000c00)="$eJzs3UtvG9fdx/HfUNT1AYwHbREYhmOd2A0goy5NUrECwV2UHQ6lSUkOMUMV0ipwYykwTDmt7QK1Nqk2vQDtG+gumyz6Igp0nXXfQJcFgnZXoBsWc+NFnBFp3ew234+Q8HDOf+b85+I5GpFzRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZdL5crlppue2fX5LPrvtc6pT5e2rzuxoW7U9uVrPA/LS3pejzp+neG1e+E/7utm/G7m1oKX5Z09H/v/P/DbxcL6fynJHQWet0Fvnh19PRRr7f//Gyt9a2zzHcpJjJRYYa5tpy2G3huq7blGDfwzObGRvn+diMwDbfpBHtB12kZ23cKXc83a/ZdU9ncXDdOac/baW/Va00nnfjh96vl8ob5aDHZ/fc/KgX2tttsuu2tKCasDmMWB0eIU2sZc/Ckt78+LckwqDJLUHVaULVcrVYq1Wpl48Hmgw/L5eLEhPIJmogYHrRvz87HVbqgMzdwfoWw//+bJTW1pLZ2tCuT+WOrLl+eWjn1ibT/f/++c2q7o/1/2stfH1bfUNT/34rf3crr/3NyMTLRDFk1Vs70s/280Csd6akeqaee9vX8Ypa7enEZXu7PllSUXAXy5KqlmrbkyCRTjDa1oQ2V9bG21VAgo4ZcNeUo0J4CdeWoFe0TX45q6sqTL6M12boro4o2tal1GTkqaU+edtTWluqq6V/9fv9AT6Ltvn5KjkqDKrMEFQfH4GRQXv//08/jOV6v/8f/nsGxM0MM8Mb1k+v/fHNZE1cvLyMAAAAAAHDRrOiv71b02f27kvpquE2n/KbTAgAAAAAAFyj65P9m+DIflt6VlXP937/63AAAAAAAwMWwonvsLEkr0Zf6reGdULN8CSDz5gAAAAAAAPB2iT7/v7Ug9aOh1VZlvdb1PwAAAAAA+C/w25Ex9ovpGLv99GP9gqSgs2j9+R+L8uet487ud63DWlhTO0xiJr4B0G3csIqKB+qNxutdkBS9s52bVjI+cDIIphUP7Ct9fTBtrH/LP5HAwlz654uMBK4djSSwUUze6fd6L455L2n38VFBUU3cykrDbTol22s+rKhWu1boOrvdXzx78kvJH6znwZPefumTz3qPo1yOw0nHh2Een4+lU5iWy8tovIXonousNV5WI23yd+3WihW1W07Xf061w8JoQ7Ot/691O465vRK/rhyle0DWr5JCpRTtsuHaR6NDWMMsKifXPGtH5GSxFGVxJ465s3Ynfknzi/fC0vfmpGppch/4o1lUR7OYvi2sf05siylZhMfCepjFX8IF5WSx/npZTOwRAHhTDoa9UDSI+eQY+yf73Yyz3HLymnuWm967/3C8lZd/7Mc3HM5JRfUXk+6ln9+vKDyjr8VhC/Eo7sUbGWf0ctKvLCnnjF4+R+8WtvWn4TOQkqfVJDXFQRb/7vf7DytRu3840at+Ec7wRW67QbM6F27C+y8PfxYNgB/6dP/T/WfV6vpG+YNy+UFV89FqJC/0PQCADNOfsTMesTTszwZ99weDq+rHf38/Lo31u98afKWgpE/0mXp6rHvpIwRWs9tdGfkawr3Jq9YwNvqtYzy2onu5V3VRXzoSWx3EziudZfz3hWHs+mXvBgAArtTtKf3wyf4/69r9XnrdvXYj87p7vC8/+YTgvNjKFW8JAAC+ORz/a2ul+xvL993Ox5XNzUqtu+0Y37N/bHy3vuUYt911fHu71t5yTMf3up7tNU3H16JbdwIT7HQ6nt81Dc83HS9wd6Mnv5vk0e+B06q1u64ddJpOLXCM7bW7Nbtr6m5gm87Oj5pusO340cxBx7HdhmvXuq7XNoG3LNspGRM4zkigW3faXbfhhsW26fhuq+bvmZ94zZ2WY+pOYPtup+vFC0zbctsNz29Fiy2pf9qDDgEA+MZ48ero6aNeb//5KYVjxYX0+2hJ1VcZwQtZC3zDqwgAAE6glwYAAAAAAAAAAAAAAAAAAAAA4O03y/1/pxbSmwLTKfPKCJYGU35+baYlWxpO+fKv58rwDIXCySnJSLv96bN/FReKWTHLYWFBUi/d/KMxx1MTm8uYK6+wOtOaKi4UL34bLktZR8KlFX5wMH4cTsSElZlVi4OtWjz/P4eswrMvc6qmH1GL49tw4bQVHC8UJT1fOMcuuNrzEICr958AAAD//7gMOck=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x4, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffc}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x4, 0xfffffffffffffffe}]}, 0x108)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x9, 0x3a, 'M', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)

11.973749396s ago: executing program 9 (id=1513):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x677, &(0x7f0000000c00)="$eJzs3UtvG9fdx/HfUNT1AYwHbREYhmOd2A0goy5NUrECwV2UHQ6lSUkOMUMV0ipwYykwTDmt7QK1Nqk2vQDtG+gumyz6Igp0nXXfQJcFgnZXoBsWc+NFnBFp3ew234+Q8HDOf+b85+I5GpFzRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZdL5crlppue2fX5LPrvtc6pT5e2rzuxoW7U9uVrPA/LS3pejzp+neG1e+E/7utm/G7m1oKX5Z09H/v/P/DbxcL6fynJHQWet0Fvnh19PRRr7f//Gyt9a2zzHcpJjJRYYa5tpy2G3huq7blGDfwzObGRvn+diMwDbfpBHtB12kZ23cKXc83a/ZdU9ncXDdOac/baW/Va00nnfjh96vl8ob5aDHZ/fc/KgX2tttsuu2tKCasDmMWB0eIU2sZc/Ckt78+LckwqDJLUHVaULVcrVYq1Wpl48Hmgw/L5eLEhPIJmogYHrRvz87HVbqgMzdwfoWw//+bJTW1pLZ2tCuT+WOrLl+eWjn1ibT/f/++c2q7o/1/2stfH1bfUNT/34rf3crr/3NyMTLRDFk1Vs70s/280Csd6akeqaee9vX8Ypa7enEZXu7PllSUXAXy5KqlmrbkyCRTjDa1oQ2V9bG21VAgo4ZcNeUo0J4CdeWoFe0TX45q6sqTL6M12boro4o2tal1GTkqaU+edtTWluqq6V/9fv9AT6Ltvn5KjkqDKrMEFQfH4GRQXv//08/jOV6v/8f/nsGxM0MM8Mb1k+v/fHNZE1cvLyMAAAAAAHDRrOiv71b02f27kvpquE2n/KbTAgAAAAAAFyj65P9m+DIflt6VlXP937/63AAAAAAAwMWwonvsLEkr0Zf6reGdULN8CSDz5gAAAAAAAPB2iT7/v7Ug9aOh1VZlvdb1PwAAAAAA+C/w25Ex9ovpGLv99GP9gqSgs2j9+R+L8uet487ud63DWlhTO0xiJr4B0G3csIqKB+qNxutdkBS9s52bVjI+cDIIphUP7Ct9fTBtrH/LP5HAwlz654uMBK4djSSwUUze6fd6L455L2n38VFBUU3cykrDbTol22s+rKhWu1boOrvdXzx78kvJH6znwZPefumTz3qPo1yOw0nHh2Een4+lU5iWy8tovIXonousNV5WI23yd+3WihW1W07Xf061w8JoQ7Ot/691O465vRK/rhyle0DWr5JCpRTtsuHaR6NDWMMsKifXPGtH5GSxFGVxJ465s3Ynfknzi/fC0vfmpGppch/4o1lUR7OYvi2sf05siylZhMfCepjFX8IF5WSx/npZTOwRAHhTDoa9UDSI+eQY+yf73Yyz3HLymnuWm967/3C8lZd/7Mc3HM5JRfUXk+6ln9+vKDyjr8VhC/Eo7sUbGWf0ctKvLCnnjF4+R+8WtvWn4TOQkqfVJDXFQRb/7vf7DytRu3840at+Ec7wRW67QbM6F27C+y8PfxYNgB/6dP/T/WfV6vpG+YNy+UFV89FqJC/0PQCADNOfsTMesTTszwZ99weDq+rHf38/Lo31u98afKWgpE/0mXp6rHvpIwRWs9tdGfkawr3Jq9YwNvqtYzy2onu5V3VRXzoSWx3EziudZfz3hWHs+mXvBgAArtTtKf3wyf4/69r9XnrdvXYj87p7vC8/+YTgvNjKFW8JAAC+ORz/a2ul+xvL993Ox5XNzUqtu+0Y37N/bHy3vuUYt911fHu71t5yTMf3up7tNU3H16JbdwIT7HQ6nt81Dc83HS9wd6Mnv5vk0e+B06q1u64ddJpOLXCM7bW7Nbtr6m5gm87Oj5pusO340cxBx7HdhmvXuq7XNoG3LNspGRM4zkigW3faXbfhhsW26fhuq+bvmZ94zZ2WY+pOYPtup+vFC0zbctsNz29Fiy2pf9qDDgEA+MZ48ero6aNeb//5KYVjxYX0+2hJ1VcZwQtZC3zDqwgAAE6glwYAAAAAAAAAAAAAAAAAAAAA4O03y/1/pxbSmwLTKfPKCJYGU35+baYlWxpO+fKv58rwDIXCySnJSLv96bN/FReKWTHLYWFBUi/d/KMxx1MTm8uYK6+wOtOaKi4UL34bLktZR8KlFX5wMH4cTsSElZlVi4OtWjz/P4eswrMvc6qmH1GL49tw4bQVHC8UJT1fOMcuuNrzEICr958AAAD//7gMOck=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x4, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffc}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x4, 0xfffffffffffffffe}]}, 0x108)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x9, 0x3a, 'M', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)

10.948805665s ago: executing program 9 (id=1517):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) (fail_nth: 7)

10.48702013s ago: executing program 9 (id=1520):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

8.94717704s ago: executing program 9 (id=1533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
gettid()
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340))
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x2000000, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff000200000000e1ffffff851000000600000018000000", @ANYRES32, @ANYBLOB="000000000000000066080200ffd00000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)

8.410771422s ago: executing program 9 (id=1542):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001400b59527bd7000ffdbdf250a1700ff", @ANYRES32=r3, @ANYBLOB="140002000000000000000000001b00001900000000ffef007f0000004a0900000180000006000000"], 0x40}, 0x1, 0x0, 0x0, 0xa1255a8362be309d}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
writev(r6, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r8, 0x0, r9, 0x0, 0xf3a, 0x0)
splice(r5, 0x0, r9, 0x0, 0x80, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0x9}, {0x2, 0x3}, {0x3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MPU={0x8, 0xe, 0x97}, @TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x400c0d0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f0000000000), 0x400000000000235, 0x0)
write(r7, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="38000000150d01040000000000000000000000000a42edd60beb81feb4292150c0495b03da0b9c4aba849a1993b9c5fa5393f58a192f1947b39fc29da6e9efc03dac3c1201199225d5ded1768ab667e3c8cee79a542c8e2df96ef1d01483994e5c9945ffd4e300000000", @ANYRES32=0x0, @ANYBLOB="5d5800000000000004001a80140003007369743000"/32], 0x38}}, 0x0)
r12 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r12, &(0x7f00000000c0)=""/55, 0x37)
lseek(r12, 0x3, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000081000000b7200000000000000095000000000000"], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r13}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

8.410443912s ago: executing program 37 (id=1542):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001400b59527bd7000ffdbdf250a1700ff", @ANYRES32=r3, @ANYBLOB="140002000000000000000000001b00001900000000ffef007f0000004a0900000180000006000000"], 0x40}, 0x1, 0x0, 0x0, 0xa1255a8362be309d}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
writev(r6, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r8, 0x0, r9, 0x0, 0xf3a, 0x0)
splice(r5, 0x0, r9, 0x0, 0x80, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0x9}, {0x2, 0x3}, {0x3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MPU={0x8, 0xe, 0x97}, @TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x400c0d0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f0000000000), 0x400000000000235, 0x0)
write(r7, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="38000000150d01040000000000000000000000000a42edd60beb81feb4292150c0495b03da0b9c4aba849a1993b9c5fa5393f58a192f1947b39fc29da6e9efc03dac3c1201199225d5ded1768ab667e3c8cee79a542c8e2df96ef1d01483994e5c9945ffd4e300000000", @ANYRES32=0x0, @ANYBLOB="5d5800000000000004001a80140003007369743000"/32], 0x38}}, 0x0)
r12 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r12, &(0x7f00000000c0)=""/55, 0x37)
lseek(r12, 0x3, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000081000000b7200000000000000095000000000000"], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r13}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.450082325s ago: executing program 2 (id=1602):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000400000008"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x18)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000240)="a9050000000074640000000000003552bde5c064c63caf82b68c101b9d7688f49e52348e", 0x24}], 0x1}}, {{&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000080)="3445187cee2705ecdb6fb74cdf9cb098fd72760f", 0x14}], 0x1}}], 0x2, 0x0)

3.388225231s ago: executing program 8 (id=1604):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000600)={[{@grpid}]}, 0x1, 0x521, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvvcmkyW5qpiqyFmyLrewW3ZmksRpF2gqiTwW1vq8xmYSQSSZkJnUTiqb4BwgiKvgH+CL44KMg/RNEWNB3UVFEd/VR98qdudH8mEnGZJJZJ58PnMw598f5nnPJ3Lk/DvcGcG29EBFvRMRYRLwcETPF9LRIsd9J+XKPHr6zlKcksuytvyaRFNMO6srL4xFxs1htMiK++qWIbyQn4zZ399YX6/XadlGutja2qs3dvbtrG4urtdXa5vz83M8j4tWF2axwoX6WI+K1L/zxB9/9yRdf++Unvvm7e3++8628WZ/7UKfdEbF0oQA9dOoutbfFgXwbbV9GsCHJ+1MaG3YrAADoR36M//6I+Gj7+H8mxtpHcwAAAMAoyV6fjn8mERkAAAAwstKImI4krRRjAaYjTSuVzhjeD8aNtN5otj6+0tjZXM7nRZSjlK6s1WuzxVjhcpSSvDxXjLE9KL9yrDwfEc9ExPdnptrlylKjvjzsix8AAABwTdx8/uj5/z9m0nYeAAAAGDHlngUAAABgVDjlBwAAgNHn/B8AAABG2pfffDNP2cF7vJff3t1Zb7x9d7nWXK9s7CxVlhrbW5XVRmO1/cy+jbPqqzcaW5+MzZ371Vat2ao2d/fubTR2Nlv31o68AhsAAAC4Qs88/95vk4jY/+xUO0XxHECAI/4w7AYAgzQ27AYAQzM+7AYAQ1M6cwl7CBh1yRnzTw7e6VwrjF9dTnsAAIDBu/3hk/f/J4p5Z18bAP6fGesDANfP0bt7U0NrB3D1SucdAXhr0C0BhuV9nY+nes3v+fCOPu7/d64xZNm5GgYAAAzMdDslaaU4Tp+ONK1UIp6Ox1k5SsnKWr02W5wf/Gam9FRenmuvmZw5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6MiyJDIAAABgpEWkf0raT/OPuD3z0vTRqwPH3vr147d+eH+x1dqei5hI/jaTT5qIiNaPiumvZF4JAAAAAMM1lf/pnKcXn3PDbhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+bRw3eWDtJVxv3L5yOi3C3+eEy2PyejFBE3/p7E+KH1kogYG0D8/Xcj4la3+Ek8zrKsXLSiW/ypS45fbm+a7vHTiLg5gPhwnb2X73/e6Pb9S+OF9mf37994kS6q9/4v/c/+b6zH/ufpY+Venn3ws2rP+O9GPDveff9zED/pxD8SIi+82Gcfv/61vb2uMw5V2S3+4VjV1sZWtbm7d3dtY3G1tlrbnJ+f+9TCpxdeXZitrqzVa8XfrmG+95FfPD6t/zd6xC8f7f+J7f9SX73P4l8P7j/8QKdQ6hb/zovdf39v9YifFr99Hyvy+fzbB/n9Tv6w53766+dO6/9yj/5PntH/O331Pz7z8le+8/uuc05sDQDgKjR399YX6/Xa9imZyT6W+Z8yERet5/WBtudJyMTZy0w+IU29jEz27c7/48XqueDqJzLZRVYfjwE0Y+LE93QszlthErGf19XnPyQAADBi/nvQf9odJAAAAAAAAAAAAAAAAAAAAOAynfOxZJMR0ffCx2PuD6erAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn+ncAAAD//+8b0g8=")
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)="d80000001000810468f70082db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94000534cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x20000004)
close(r3)

3.341184565s ago: executing program 2 (id=1606):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r5}, 0x18)
write$selinux_validatetrans(r4, &(0x7f0000000140)={'system_u:object_r:tmpfs_t:s0', 0x20, 'system_u:object_r:sshd_key_t:s0', 0x20, 0x8, 0x20, 'system_u:system_r:kernel_t:s0\x00'}, 0x70)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "9f2b"}, @TCA_NETEM_LOSS={0xfffffffffffffe4d}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x7f)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x1c, r7, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

2.477904489s ago: executing program 8 (id=1612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

2.423585754s ago: executing program 4 (id=1614):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

2.347222822s ago: executing program 3 (id=1615):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @multicast2}]}, &(0x7f0000000180)=0x10)
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000a00)={0x710, 0x1, 0x5, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [{{0x254, 0x1, {{0x1, 0xfffffffd}, 0x2, 0x9, 0x7, 0x0, 0x1a, 'syz0\x00', "328b603397d05192b9aff53436f311cd395363ba272e461e7962ba6be8b73146", "d607e5b637a9b159322e2799461131e77fed355ac99cda515bcb9690a1d33480", [{0x5, 0xf136, {0x3, 0x7ff}}, {0xb, 0x5, {0x2, 0x6}}, {0x7, 0xb, {0x3, 0x1}}, {0xff, 0x200, {0x1, 0xff000000}}, {0x1, 0xb, {0x2}}, {0xf801, 0xd, {0x2, 0xdf}}, {0x5, 0x5, {0x2, 0x1}}, {0xd, 0x200}, {0x5, 0x800, {0x1, 0x4}}, {0x6, 0x0, {0x1, 0x8938}}, {0x4, 0x2, {0x1, 0x1}}, {0x1, 0x2, {0x3, 0x1}}, {0x6db5, 0xe, {0x2, 0x9}}, {0x101, 0x4, {0x2, 0x1}}, {0x4, 0x9, {0x1, 0x1}}, {0xfff, 0x8, {0x3, 0x30}}, {0x419, 0x9, {0x3, 0x2}}, {0x0, 0x6, {0x1, 0x1}}, {0x2, 0x6, {0x1}}, {0x1ff, 0x4, {0x3, 0x7}}, {0x7b, 0x9, {0x2, 0x1ff}}, {0x1, 0x7f, {0x1, 0x2}}, {0x8, 0xf, {0x2, 0x7}}, {0x8, 0x5, {0x1, 0x7}}, {0xb, 0x4, {0x0, 0x9}}, {0x2, 0x4, {0x1, 0x10}}, {0x7, 0x4, {0x1, 0x1}}, {0x0, 0x3, {0x0, 0x80000000}}, {0x1, 0x2, {0x0, 0x8}}, {0x3, 0x5, {0x2, 0x7f}}, {0x5, 0x6, {0x3, 0xfffffffe}}, {0x3a, 0x8, {0x1, 0x1be917e6}}, {0x0, 0x5f77, {0x1, 0x2}}, {0x7, 0xfff, {0x3, 0x7}}, {0xb08, 0x4, {0x2, 0x9}}, {0x1000, 0xfffb, {0x2, 0x10001}}, {0x0, 0x9, {0x3, 0xfffffff7}}, {0x7f, 0xa995, {0x3, 0x3}}, {0x2, 0x7ff, {0x2, 0x6}}, {0x80, 0x7, {0x1, 0x8}}]}}}, {{0x254, 0x1, {{0x1, 0x4}, 0x7, 0xb, 0xa, 0x4, 0x16, 'syz1\x00', "bb9857ac51f04efefb31e257722ae38bcdab752675f7e6aa716b4b812ffa4996", "8cf787b73305800abd04eaa4b62d042f03ebc98ceb0ecace667e5dcf3f21decf", [{0x10, 0x7ff, {0x2, 0x2}}, {0x0, 0x7, {0x2, 0x800}}, {0xa5, 0xf, {0x3, 0x5}}, {0x9, 0x6bb5, {0x1}}, {0x3, 0xc79, {0x0, 0x7}}, {0xca0, 0xb, {0x1, 0x8}}, {0x3, 0x800, {0x1, 0x4}}, {0x0, 0x7, {0x1, 0xc12a}}, {0x1, 0x3, {0x1, 0x2}}, {0x0, 0x7, {0x2, 0x6}}, {0xffff, 0x6, {0x3, 0x2435c7d9}}, {0x0, 0xf4, {0x3, 0x7}}, {0x1, 0x7, {0x3, 0x4}}, {0x0, 0x6, {0x0, 0x5}}, {0x3, 0x7ff, {0x2, 0x9c9}}, {0x2, 0x9, {0x0, 0x2}}, {0x0, 0xcdf, {0x1, 0x499}}, {0x7, 0x1, {0x0, 0x5}}, {0x5, 0xffca, {0x1, 0x2}}, {0x3, 0xff, {0x2, 0x80000}}, {0x8000, 0x4, {0x3, 0x8}}, {0xfff, 0x7c75, {0x1}}, {0x40, 0x8, {0x1, 0x100}}, {0xfffc, 0x4, {0x2}}, {0x5, 0xc, {0x3, 0x5}}, {0x7ff, 0x0, {0x2, 0xdda6}}, {0x5, 0xc0, {0x3, 0x9}}, {0x3ff, 0x6, {0x2, 0x5}}, {0x7, 0xffff, {0x0, 0x9}}, {0x7, 0x4, {0x1}}, {0x21, 0x9, {0x2, 0x2947d152}}, {0x9, 0x7f, {0x3, 0x2}}, {0x8, 0x3f, {0x0, 0x1}}, {0x81, 0x7, {0x0, 0x6}}, {0x7, 0xfff, {0x2, 0x3}}, {0x7, 0x9, {0x0, 0xfff}}, {0x20, 0x6, {0x0, 0x9}}, {0xa, 0x5, {0x1, 0xffff126b}}, {0x9, 0x2, {0x1, 0x3}}, {0x9, 0x264, {0x2, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x56c}, 0xc, 0x10, 0x8, 0x9, 0x1b, 'syz1\x00', "fe960231c074611636db73258705da68922706a5b5338f7519d1917bd3492dea", "b531136230e946ab54464e32a9ae552d72190d65eae04694e63f438aba2cce25", [{0x6, 0xfbff, {0x2, 0x2}}, {0xffff, 0x7f, {0x1, 0x9}}, {0x40, 0x4099, {0x0, 0x1b18}}, {0x6, 0xd, {0x3, 0x45fd}}, {0x1000, 0x7, {0x0, 0x8}}, {0x7, 0x5, {0x2, 0x10001}}, {0x8, 0xe, {0x3, 0x40}}, {0x36a, 0x3, {0x0, 0xfffffff0}}, {0x2, 0xff3d, {0x3, 0x10}}, {0x3, 0x9, {0x2, 0x3}}, {0x5, 0x5, {0x1, 0x5}}, {0xfffe, 0x7f, {0x1, 0x80000000}}, {0x3, 0xd, {0x3, 0x2}}, {0x3ff, 0x7, {0x0, 0x849}}, {0x9155, 0x6, {0x1, 0x57b}}, {0x7, 0x3ff, {0x3, 0x7}}, {0x1, 0x3, {0x2, 0xed47}}, {0x7f, 0xfff8, {0x0, 0xa}}, {0x8f9, 0xfff5, {0x1, 0x2}}, {0xe, 0x0, {0x1, 0x97ee}}, {0x1, 0x4501, {0x3, 0xffffffff}}, {0x2, 0xcf2b, {0x0, 0x1}}, {0x8c00, 0x592, {0x1, 0xeb}}, {0x5, 0x1, {0x3, 0x3}}, {0x401, 0x4, {0x2, 0x4}}, {0x9, 0x200, {0x1, 0xffffba04}}, {0x2, 0x803, {0x1, 0x1}}, {0x0, 0x0, {0x1, 0xffff}}, {0x8, 0x2, {0x1, 0xffffff81}}, {0x0, 0x5}, {0x55, 0xc5b8, {0x1, 0x5}}, {0xfff8, 0x3ff, {0x2, 0x8}}, {0x7d3, 0x6, {0x3, 0xbc2}}, {0x7f, 0x9, {0x0, 0x7fff}}, {0xdad, 0x7, {0x0, 0x8}}, {0x8, 0x9, {0x0, 0x4}}, {0x4, 0xad7d, {0x1, 0x2}}, {0xf, 0x8b, {0x1, 0x28}}, {0x9, 0x7f}, {0x1, 0x1d0e, {0x2, 0xabe}}]}}}]}, 0x710}, 0x1, 0x0, 0x0, 0x50}, 0x4080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
syz_clone3(0x0, 0x0)

2.315424555s ago: executing program 1 (id=1616):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r0, 0x0, 0x1000}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

2.314942635s ago: executing program 4 (id=1617):
r0 = dup(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x220, 0x0, 0x0, 0x148, 0x1f0, 0x148, 0x498, 0x240, 0x240, 0x498, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0xff000000, 'ip6tnl0\x00', 'wlan1\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, [0xffffff00, 0xffffff00, 0x0, 0xffffffff], 0x4e22, 0x4e22, 0x4e20, 0x4e23, 0x8, 0x2, 0x5f4a, 0x100, 0x2}}}, {{@ip={@remote, @multicast1, 0xff000000, 0xffffff00, 'tunl0\x00', 'pimreg1\x00', {}, {0xff}, 0x84, 0x0, 0x60}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x8, 0xba5, 0x5, 'pptp\x00', {0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20040001)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='cpu\t>0&&\t')

2.279171308s ago: executing program 1 (id=1618):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0xffffffffffffffd0, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc8180ca8395ccfda2e499b3dcf581", 0x0, 0xa1b, 0x0, 0x2, 0x0, &(0x7f00000001c0)='\"\n', 0x0}, 0x50)

2.222504414s ago: executing program 8 (id=1619):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r4}, 0x18)
write$selinux_validatetrans(r3, &(0x7f0000000140)={'system_u:object_r:tmpfs_t:s0', 0x20, 'system_u:object_r:sshd_key_t:s0', 0x20, 0x8, 0x20, 'system_u:system_r:kernel_t:s0\x00'}, 0x70)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "9f2b"}, @TCA_NETEM_LOSS={0xfffffffffffffe4d}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x7f)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x1c, r6, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

2.221732124s ago: executing program 4 (id=1620):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kfree\x00', r2, 0x0, 0x4000000080000000}, 0x18)
r3 = io_uring_setup(0x1345, &(0x7f0000000940)={0x0, 0xdf07, 0x40, 0x1, 0x8105})
r4 = socket(0x40000000015, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x18, 0x7, &(0x7f0000000040)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
syz_emit_ethernet(0x163, &(0x7f00000004c0)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x1b, 0x4, 0x2, 0x3, 0x155, 0x66, 0x0, 0x93, 0x2e, 0x0, @loopback, @multicast1, {[@timestamp_prespec={0x44, 0xc, 0x15, 0x3, 0x3, [{@local, 0xfffffffb}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x18, 0x6f, 0x0, 0x7, [0x5, 0x2, 0x4, 0x9, 0x8]}, @lsrr={0x83, 0x13, 0x75, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, @loopback]}, @end, @timestamp={0x44, 0x10, 0xb6, 0x0, 0xd, [0x2, 0x9, 0x2]}, @ssrr={0x89, 0xb, 0xaa, [@remote, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}, "5bc4c9e48a781a0fb56479ec5d61a0c4b73dcd02001975a9d605e637f88f6818978b4dfb2ff68e0a6afbe8d5e637d9d5787a6f470800b0cea5dad171bdd38848b8488e2cba93f25480f411fdd8fb400f6e426b0dc1495709a7f64aa7d3eadca92a38a47683e474a8a4ca58e943a19c8ace3f140080dd86464f73c9c8427c218568ef0b2d65f4d427cf47f2864588a0fcf1512c93047c70a15c7f738fbe81aa122f560a8a20fc6cb313c15f326a48993f21bade3bb74af16a20dcbc21967c223cadeb8dd8da20f275d738a2db73f4e0bea47a9430ebca37935b446f7da350bc7267dca128d63ffda91c"}}}}, 0x0)

2.221384054s ago: executing program 1 (id=1621):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="b40000000107010100008000000000000700000708000540000000010800054000000000340007800800024000000006080001"], 0xb4}, 0x1, 0x0, 0x0, 0x40000}, 0x24004800)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x0, 0x25cfdbfc, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x24040095}, 0x0)

2.191346307s ago: executing program 1 (id=1622):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000800000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_open_dev$usbmon(&(0x7f0000000080), 0x6a2, 0x20000)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68)

1.962572459s ago: executing program 3 (id=1623):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x4, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3f}}, @in={0x2, 0x4e22, @multicast1}], 0x4c)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r1)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r5}, 0x18)
getpid()
setns(0xffffffffffffffff, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)
socket$key(0xf, 0x3, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000340)={0x8, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)=""/54, 0x36}], &(0x7f0000000300)=[0x6, 0x2b8d], 0x1}, 0x20)
unshare(0x20000400)
r6 = timerfd_create(0x8, 0x0)
timerfd_settime(r6, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r6, 0x0)
sendfile(r3, r4, 0x0, 0xc19)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x3}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x78ae43d9a4c16c5b}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_io_uring_complete(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000080000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

1.801364235s ago: executing program 3 (id=1624):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000600)={[{@grpid}]}, 0x1, 0x521, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvvcmkyW5qpiqyFmyLrewW3ZmksRpF2gqiTwW1vq8xmYSQSSZkJnUTiqb4BwgiKvgH+CL44KMg/RNEWNB3UVFEd/VR98qdudH8mEnGZJJZJ58PnMw598f5nnPJ3Lk/DvcGcG29EBFvRMRYRLwcETPF9LRIsd9J+XKPHr6zlKcksuytvyaRFNMO6srL4xFxs1htMiK++qWIbyQn4zZ399YX6/XadlGutja2qs3dvbtrG4urtdXa5vz83M8j4tWF2axwoX6WI+K1L/zxB9/9yRdf++Unvvm7e3++8628WZ/7UKfdEbF0oQA9dOoutbfFgXwbbV9GsCHJ+1MaG3YrAADoR36M//6I+Gj7+H8mxtpHcwAAAMAoyV6fjn8mERkAAAAwstKImI4krRRjAaYjTSuVzhjeD8aNtN5otj6+0tjZXM7nRZSjlK6s1WuzxVjhcpSSvDxXjLE9KL9yrDwfEc9ExPdnptrlylKjvjzsix8AAABwTdx8/uj5/z9m0nYeAAAAGDHlngUAAABgVDjlBwAAgNHn/B8AAABG2pfffDNP2cF7vJff3t1Zb7x9d7nWXK9s7CxVlhrbW5XVRmO1/cy+jbPqqzcaW5+MzZ371Vat2ao2d/fubTR2Nlv31o68AhsAAAC4Qs88/95vk4jY/+xUO0XxHECAI/4w7AYAgzQ27AYAQzM+7AYAQ1M6cwl7CBh1yRnzTw7e6VwrjF9dTnsAAIDBu/3hk/f/J4p5Z18bAP6fGesDANfP0bt7U0NrB3D1SucdAXhr0C0BhuV9nY+nes3v+fCOPu7/d64xZNm5GgYAAAzMdDslaaU4Tp+ONK1UIp6Ox1k5SsnKWr02W5wf/Gam9FRenmuvmZw5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6MiyJDIAAABgpEWkf0raT/OPuD3z0vTRqwPH3vr147d+eH+x1dqei5hI/jaTT5qIiNaPiumvZF4JAAAAAMM1lf/pnKcXn3PDbhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+bRw3eWDtJVxv3L5yOi3C3+eEy2PyejFBE3/p7E+KH1kogYG0D8/Xcj4la3+Ek8zrKsXLSiW/ypS45fbm+a7vHTiLg5gPhwnb2X73/e6Pb9S+OF9mf37994kS6q9/4v/c/+b6zH/ufpY+Venn3ws2rP+O9GPDveff9zED/pxD8SIi+82Gcfv/61vb2uMw5V2S3+4VjV1sZWtbm7d3dtY3G1tlrbnJ+f+9TCpxdeXZitrqzVa8XfrmG+95FfPD6t/zd6xC8f7f+J7f9SX73P4l8P7j/8QKdQ6hb/zovdf39v9YifFr99Hyvy+fzbB/n9Tv6w53766+dO6/9yj/5PntH/O331Pz7z8le+8/uuc05sDQDgKjR399YX6/Xa9imZyT6W+Z8yERet5/WBtudJyMTZy0w+IU29jEz27c7/48XqueDqJzLZRVYfjwE0Y+LE93QszlthErGf19XnPyQAADBi/nvQf9odJAAAAAAAAAAAAAAAAAAAAOAynfOxZJMR0ffCx2PuD6erAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn+ncAAAD//+8b0g8=")
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)="d80000001000810468f70082db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94000534cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x20000004)
close(r3)

1.7468357s ago: executing program 2 (id=1625):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

628.902819ms ago: executing program 3 (id=1626):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)

596.110022ms ago: executing program 4 (id=1627):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0xff, 0x0, 0x4, 0x4600, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2000000000}, 0x0, 0x0, 0x8}, 0x0, 0xe, 0xffffffffffffffff, 0x9)
pidfd_getfd(0xffffffffffffffff, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

420.441179ms ago: executing program 8 (id=1628):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

417.59077ms ago: executing program 2 (id=1629):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000011000101000000000001000000000000", @ANYRES32=r5], 0x20}}, 0x2000c004)
close(r0)

417.092509ms ago: executing program 4 (id=1630):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r0, 0x0, 0x1000}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

341.929497ms ago: executing program 3 (id=1631):
r0 = dup(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x220, 0x0, 0x0, 0x148, 0x1f0, 0x148, 0x498, 0x240, 0x240, 0x498, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0xff000000, 'ip6tnl0\x00', 'wlan1\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, [0xffffff00, 0xffffff00, 0x0, 0xffffffff], 0x4e22, 0x4e22, 0x4e20, 0x4e23, 0x8, 0x2, 0x5f4a, 0x100, 0x2}}}, {{@ip={@remote, @multicast1, 0xff000000, 0xffffff00, 'tunl0\x00', 'pimreg1\x00', {}, {0xff}, 0x84, 0x0, 0x60}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x8, 0xba5, 0x5, 'pptp\x00', {0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20040001)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='cpu\t>0&&\t')

310.73314ms ago: executing program 4 (id=1632):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r5}, 0x18)
write$selinux_validatetrans(r4, &(0x7f0000000140)={'system_u:object_r:tmpfs_t:s0', 0x20, 'system_u:object_r:sshd_key_t:s0', 0x20, 0x8, 0x20, 'system_u:system_r:kernel_t:s0\x00'}, 0x70)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "9f2b"}, @TCA_NETEM_LOSS={0xfffffffffffffe4d}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x7f)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)={0x1c, r7, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117, 0x56}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

222.205708ms ago: executing program 3 (id=1633):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95)
r6 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000180), 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000015c0)={&(0x7f0000001480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xc, [@fwd={0x1}, @union={0x2, 0x1, 0x0, 0x5, 0x0, 0x0, [{0xa, 0x1}]}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000001540)=""/74, 0x48, 0x4a, 0x1}, 0x28)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

188.226061ms ago: executing program 2 (id=1634):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

157.089315ms ago: executing program 8 (id=1635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x4, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3f}}, @in={0x2, 0x4e22, @multicast1}], 0x4c)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r1)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r5}, 0x18)
getpid()
setns(0xffffffffffffffff, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)
socket$key(0xf, 0x3, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000340)={0x8, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)=""/54, 0x36}], &(0x7f0000000300)=[0x6, 0x2b8d], 0x1}, 0x20)
unshare(0x20000400)
r6 = timerfd_create(0x8, 0x0)
timerfd_settime(r6, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r6, 0x0)
sendfile(r3, r4, 0x0, 0xc19)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x3}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x78ae43d9a4c16c5b}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_io_uring_complete(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000080000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

140.582046ms ago: executing program 1 (id=1636):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
openat$selinux_validatetrans(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r5, {0x0, 0xfffc}, {}, {0x4, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)

139.966276ms ago: executing program 2 (id=1637):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000600)={[{@grpid}]}, 0x1, 0x521, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvvcmkyW5qpiqyFmyLrewW3ZmksRpF2gqiTwW1vq8xmYSQSSZkJnUTiqb4BwgiKvgH+CL44KMg/RNEWNB3UVFEd/VR98qdudH8mEnGZJJZJ58PnMw598f5nnPJ3Lk/DvcGcG29EBFvRMRYRLwcETPF9LRIsd9J+XKPHr6zlKcksuytvyaRFNMO6srL4xFxs1htMiK++qWIbyQn4zZ399YX6/XadlGutja2qs3dvbtrG4urtdXa5vz83M8j4tWF2axwoX6WI+K1L/zxB9/9yRdf++Unvvm7e3++8628WZ/7UKfdEbF0oQA9dOoutbfFgXwbbV9GsCHJ+1MaG3YrAADoR36M//6I+Gj7+H8mxtpHcwAAAMAoyV6fjn8mERkAAAAwstKImI4krRRjAaYjTSuVzhjeD8aNtN5otj6+0tjZXM7nRZSjlK6s1WuzxVjhcpSSvDxXjLE9KL9yrDwfEc9ExPdnptrlylKjvjzsix8AAABwTdx8/uj5/z9m0nYeAAAAGDHlngUAAABgVDjlBwAAgNHn/B8AAABG2pfffDNP2cF7vJff3t1Zb7x9d7nWXK9s7CxVlhrbW5XVRmO1/cy+jbPqqzcaW5+MzZ371Vat2ao2d/fubTR2Nlv31o68AhsAAAC4Qs88/95vk4jY/+xUO0XxHECAI/4w7AYAgzQ27AYAQzM+7AYAQ1M6cwl7CBh1yRnzTw7e6VwrjF9dTnsAAIDBu/3hk/f/J4p5Z18bAP6fGesDANfP0bt7U0NrB3D1SucdAXhr0C0BhuV9nY+nes3v+fCOPu7/d64xZNm5GgYAAAzMdDslaaU4Tp+ONK1UIp6Ox1k5SsnKWr02W5wf/Gam9FRenmuvmZw5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6MiyJDIAAABgpEWkf0raT/OPuD3z0vTRqwPH3vr147d+eH+x1dqei5hI/jaTT5qIiNaPiumvZF4JAAAAAMM1lf/pnKcXn3PDbhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+bRw3eWDtJVxv3L5yOi3C3+eEy2PyejFBE3/p7E+KH1kogYG0D8/Xcj4la3+Ek8zrKsXLSiW/ypS45fbm+a7vHTiLg5gPhwnb2X73/e6Pb9S+OF9mf37994kS6q9/4v/c/+b6zH/ufpY+Venn3ws2rP+O9GPDveff9zED/pxD8SIi+82Gcfv/61vb2uMw5V2S3+4VjV1sZWtbm7d3dtY3G1tlrbnJ+f+9TCpxdeXZitrqzVa8XfrmG+95FfPD6t/zd6xC8f7f+J7f9SX73P4l8P7j/8QKdQ6hb/zovdf39v9YifFr99Hyvy+fzbB/n9Tv6w53766+dO6/9yj/5PntH/O331Pz7z8le+8/uuc05sDQDgKjR399YX6/Xa9imZyT6W+Z8yERet5/WBtudJyMTZy0w+IU29jEz27c7/48XqueDqJzLZRVYfjwE0Y+LE93QszlthErGf19XnPyQAADBi/nvQf9odJAAAAAAAAAAAAAAAAAAAAOAynfOxZJMR0ffCx2PuD6erAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn+ncAAAD//+8b0g8=")
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)="d80000001000810468f70082db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94000534cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x20000004)
close(r3)

15.125409ms ago: executing program 8 (id=1638):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kfree\x00', r2, 0x0, 0x4000000080000000}, 0x18)
r3 = io_uring_setup(0x1345, &(0x7f0000000940)={0x0, 0xdf07, 0x40, 0x1, 0x8105})
r4 = socket(0x40000000015, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
syz_emit_ethernet(0x163, &(0x7f00000004c0)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x1b, 0x4, 0x2, 0x3, 0x155, 0x66, 0x0, 0x93, 0x2e, 0x0, @loopback, @multicast1, {[@timestamp_prespec={0x44, 0xc, 0x15, 0x3, 0x3, [{@local, 0xfffffffb}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x18, 0x6f, 0x0, 0x7, [0x5, 0x2, 0x4, 0x9, 0x8]}, @lsrr={0x83, 0x13, 0x75, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, @loopback]}, @end, @timestamp={0x44, 0x10, 0xb6, 0x0, 0xd, [0x2, 0x9, 0x2]}, @ssrr={0x89, 0xb, 0xaa, [@remote, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}, "5bc4c9e48a781a0fb56479ec5d61a0c4b73dcd02001975a9d605e637f88f6818978b4dfb2ff68e0a6afbe8d5e637d9d5787a6f470800b0cea5dad171bdd38848b8488e2cba93f25480f411fdd8fb400f6e426b0dc1495709a7f64aa7d3eadca92a38a47683e474a8a4ca58e943a19c8ace3f140080dd86464f73c9c8427c218568ef0b2d65f4d427cf47f2864588a0fcf1512c93047c70a15c7f738fbe81aa122f560a8a20fc6cb313c15f326a48993f21bade3bb74af16a20dcbc21967c223cadeb8dd8da20f275d738a2db73f4e0bea47a9430ebca37935b446f7da350bc7267dca128d63ffda91c"}}}}, 0x0)

0s ago: executing program 1 (id=1639):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7005}, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x34, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0, 0x0, 0x0, 0x10b8}, 0x106)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000000)=0x4, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r5, 0x0, 0x4}, 0x18)
io_setup(0x8f0, &(0x7f0000002400))

kernel console output (not intermixed with test programs):

[  155.284178][ T7203] Unable to read rock-ridge attributes
[  155.284633][ T7206] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  155.300316][ T7203] Unable to read rock-ridge attributes
[  155.309143][ T7205] loop7: detected capacity change from 0 to 512
[  155.326924][ T7205] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  155.335247][ T7205] EXT4-fs (loop7): orphan cleanup on readonly fs
[  155.348848][ T7205] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.1191: corrupted inode contents
[  155.380481][ T7205] EXT4-fs (loop7): Remounting filesystem read-only
[  155.406888][ T7205] EXT4-fs (loop7): 1 truncate cleaned up
[  155.412764][ T4652] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  155.423384][ T4652] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  155.445605][ T4652] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  155.456593][ T7205] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  155.550869][ T4410] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.572449][ T7216] random: crng reseeded on system resumption
[  155.728113][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  155.728130][   T29] audit: type=1400 audit(2000000113.700:2697): avc:  denied  { create } for  pid=7224 comm="syz.1.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  155.755058][   T29] audit: type=1400 audit(2000000113.700:2698): avc:  denied  { write } for  pid=7224 comm="syz.1.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  155.775671][   T29] audit: type=1400 audit(2000000113.720:2699): avc:  denied  { create } for  pid=7234 comm="syz.7.1201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  155.796586][   T29] audit: type=1400 audit(2000000113.720:2700): avc:  denied  { write } for  pid=7234 comm="syz.7.1201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  155.817324][   T29] audit: type=1400 audit(2000000113.720:2701): avc:  denied  { read } for  pid=7234 comm="syz.7.1201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  155.842566][   T29] audit: type=1400 audit(2000000113.770:2702): avc:  denied  { read } for  pid=7228 comm="syz.3.1199" dev="nsfs" ino=4026532441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  155.863796][   T29] audit: type=1400 audit(2000000113.770:2703): avc:  denied  { open } for  pid=7228 comm="syz.3.1199" path="net:[4026532441]" dev="nsfs" ino=4026532441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  155.887152][   T29] audit: type=1400 audit(2000000113.820:2704): avc:  denied  { setopt } for  pid=7226 comm="syz.5.1200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  155.909648][   T29] audit: type=1400 audit(2000000113.900:2705): avc:  denied  { setopt } for  pid=7228 comm="syz.3.1199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  155.929333][   T29] audit: type=1400 audit(2000000113.900:2706): avc:  denied  { ioctl } for  pid=7228 comm="syz.3.1199" path="/dev/virtual_nci" dev="devtmpfs" ino=132 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  155.965438][ T7227] lo speed is unknown, defaulting to 1000
[  155.988613][ T3407] IPVS: starting estimator thread 0...
[  156.078612][ T7244] IPVS: using max 2400 ests per chain, 120000 per kthread
[  156.132833][ T7256] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1207'.
[  156.141829][ T7256] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1207'.
[  156.164055][ T7256] loop7: detected capacity change from 0 to 128
[  156.173849][ T7256] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  156.186977][ T7256] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  156.201594][ T7256] EXT4-fs (loop7): ext4_remount: Checksum for group 0 failed (30846!=65535)
[  156.222062][ T4410] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.344342][ T7263] random: crng reseeded on system resumption
[  156.355796][ T7267] loop7: detected capacity change from 0 to 512
[  156.368399][ T7267] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  156.376584][ T7267] EXT4-fs (loop7): orphan cleanup on readonly fs
[  156.382045][ T7273] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  156.391437][ T7273] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  156.406964][ T7267] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.1208: corrupted inode contents
[  156.429509][ T7267] EXT4-fs (loop7): Remounting filesystem read-only
[  156.436335][ T7267] EXT4-fs (loop7): 1 truncate cleaned up
[  156.446504][ T1432] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.457231][ T1432] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.473447][ T1432] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  156.488857][ T7267] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  156.507660][ T7279] loop4: detected capacity change from 0 to 164
[  156.523494][ T7283] loop5: detected capacity change from 0 to 164
[  156.539864][ T4410] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.549758][ T7283] Unable to read rock-ridge attributes
[  156.556045][ T7279] Unable to read rock-ridge attributes
[  156.572106][ T7279] Unable to read rock-ridge attributes
[  156.591611][ T7289] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1220'.
[  156.601467][ T7283] Unable to read rock-ridge attributes
[  156.610584][ T7288] loop7: detected capacity change from 0 to 764
[  156.630771][ T7293] xt_hashlimit: max too large, truncated to 1048576
[  156.660923][ T7293] loop4: detected capacity change from 0 to 1024
[  156.680059][ T4410] rock: directory entry would overflow storage
[  156.686308][ T4410] rock: sig=0x4f50, size=4, remaining=3
[  156.687545][ T7299] loop3: detected capacity change from 0 to 512
[  156.691933][ T4410] iso9660: Corrupted directory entry in block 6 of inode 1792
[  156.692609][ T7293] EXT4-fs: Ignoring removed orlov option
[  156.712228][ T4410] Symlink component flag not implemented
[  156.718887][ T4410] iso9660: Corrupted directory entry in block 6 of inode 1792
[  156.725560][ T7303] binfmt_misc: register: failed to install interpreter file ./file0
[  156.727868][ T7293] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  156.734645][ T7299] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  156.734813][ T7299] EXT4-fs (loop3): orphan cleanup on readonly fs
[  156.769767][ T7308] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  156.772378][ T7299] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1226: corrupted inode contents
[  156.777674][ T7308] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  156.790205][ T7299] EXT4-fs (loop3): Remounting filesystem read-only
[  156.798314][ T7311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.804340][ T7299] EXT4-fs (loop3): 1 truncate cleaned up
[  156.813064][ T7293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.830904][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.832896][ T7311] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.841499][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.870519][ T4633] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  156.882281][ T7299] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  156.920145][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.951153][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.993998][ T7322] loop3: detected capacity change from 0 to 2048
[  157.008285][ T7318] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  157.027597][ T7322] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  157.143056][ T7333] loop4: detected capacity change from 0 to 764
[  157.156691][ T7297] loop5: detected capacity change from 0 to 1024
[  157.163402][ T7297] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.170332][ T7297] EXT4-fs: inline encryption not supported
[  157.176310][ T7297] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.207507][ T7297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.232392][ T7343] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  157.240552][ T7343] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  157.269351][ T3319] rock: directory entry would overflow storage
[  157.275545][ T3319] rock: sig=0x4f50, size=4, remaining=3
[  157.281226][ T3319] iso9660: Corrupted directory entry in block 6 of inode 1792
[  157.324718][ T3319] Symlink component flag not implemented
[  157.330809][ T3319] iso9660: Corrupted directory entry in block 6 of inode 1792
[  157.925273][ T3585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.996004][ T7377] loop7: detected capacity change from 0 to 764
[  158.029676][ T4410] rock: directory entry would overflow storage
[  158.036111][ T4410] rock: sig=0x4f50, size=4, remaining=3
[  158.041762][ T4410] iso9660: Corrupted directory entry in block 6 of inode 1792
[  158.050275][ T4410] Symlink component flag not implemented
[  158.050467][ T7378] team0: Port device team_slave_1 removed
[  158.061874][ T4410] iso9660: Corrupted directory entry in block 6 of inode 1792
[  158.271827][ T7396] loop7: detected capacity change from 0 to 1764
[  158.507835][ T7418] __nla_validate_parse: 6 callbacks suppressed
[  158.507849][ T7418] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  158.522599][ T7418] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  158.598595][ T7421] usb usb8: usbfs: process 7421 (syz.1.1260) did not claim interface 0 before use
[  159.018548][ T7426] loop5: detected capacity change from 0 to 164
[  159.092466][ T7432] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  159.103175][ T7432] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  159.150708][ T7435] loop7: detected capacity change from 0 to 164
[  159.167413][ T7435] Unable to read rock-ridge attributes
[  159.184929][ T7435] Unable to read rock-ridge attributes
[  159.213537][ T7440] loop7: detected capacity change from 0 to 164
[  159.220951][ T7440] Unable to read rock-ridge attributes
[  159.229938][ T7440] Unable to read rock-ridge attributes
[  159.315387][ T7448] lo speed is unknown, defaulting to 1000
[  159.372276][ T7448] random: crng reseeded on system resumption
[  159.461779][ T7460] loop5: detected capacity change from 0 to 1024
[  159.468510][ T7461] binfmt_misc: register: failed to install interpreter file ./file0
[  159.468843][ T7460] EXT4-fs: Ignoring removed nobh option
[  159.482137][ T7460] EXT4-fs: Ignoring removed bh option
[  159.489283][ T7460] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  159.507699][ T7463] loop3: detected capacity change from 0 to 1024
[  159.514741][ T7463] EXT4-fs: Ignoring removed oldalloc option
[  159.520742][ T7463] EXT4-fs: Ignoring removed bh option
[  159.533477][ T7460] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.693815][ T7463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.712313][ T7463] EXT4-fs (loop3): shut down requested (1)
[  159.718693][ T7463] FAULT_INJECTION: forcing a failure.
[  159.718693][ T7463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.731878][ T7463] CPU: 1 UID: 0 PID: 7463 Comm: syz.3.1282 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  159.731967][ T7463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  159.731983][ T7463] Call Trace:
[  159.731990][ T7463]  <TASK>
[  159.731999][ T7463]  __dump_stack+0x1d/0x30
[  159.732024][ T7463]  dump_stack_lvl+0xe8/0x140
[  159.732092][ T7463]  dump_stack+0x15/0x1b
[  159.732110][ T7463]  should_fail_ex+0x265/0x280
[  159.732242][ T7463]  should_fail+0xb/0x20
[  159.732260][ T7463]  should_fail_usercopy+0x1a/0x20
[  159.732281][ T7463]  strncpy_from_user+0x25/0x230
[  159.732309][ T7463]  ? kmem_cache_alloc_noprof+0x242/0x480
[  159.732339][ T7463]  ? getname_flags+0x80/0x3b0
[  159.732394][ T7463]  getname_flags+0xae/0x3b0
[  159.732425][ T7463]  do_sys_openat2+0x60/0x110
[  159.732446][ T7463]  __x64_sys_open+0xe6/0x110
[  159.732467][ T7463]  x64_sys_call+0x1457/0x3000
[  159.732586][ T7463]  do_syscall_64+0xd2/0x200
[  159.732605][ T7463]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  159.732633][ T7463]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  159.732665][ T7463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.732695][ T7463] RIP: 0033:0x7fdcc5d2efc9
[  159.732711][ T7463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.732729][ T7463] RSP: 002b:00007fdcc478f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  159.732747][ T7463] RAX: ffffffffffffffda RBX: 00007fdcc5f85fa0 RCX: 00007fdcc5d2efc9
[  159.732808][ T7463] RDX: 0000000000000000 RSI: 000000000014977e RDI: 0000200000000180
[  159.732820][ T7463] RBP: 00007fdcc478f090 R08: 0000000000000000 R09: 0000000000000000
[  159.732835][ T7463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.732847][ T7463] R13: 00007fdcc5f86038 R14: 00007fdcc5f85fa0 R15: 00007ffdddcaffe8
[  159.732867][ T7463]  </TASK>
[  160.587273][ T7486] usb usb8: usbfs: process 7486 (syz.1.1288) did not claim interface 0 before use
[  160.683606][ T7485] lo speed is unknown, defaulting to 1000
[  160.746072][   T29] kauditd_printk_skb: 374 callbacks suppressed
[  160.746089][   T29] audit: type=1326 audit(2000000118.740:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7492 comm="syz.7.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7a165efc9 code=0x7ffc0000
[  160.823989][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.842363][ T7494] loop7: detected capacity change from 0 to 512
[  160.850262][   T29] audit: type=1326 audit(2000000118.820:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.873829][   T29] audit: type=1326 audit(2000000118.820:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.897312][   T29] audit: type=1326 audit(2000000118.820:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.921722][   T29] audit: type=1326 audit(2000000118.820:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.945222][   T29] audit: type=1326 audit(2000000118.820:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.968736][   T29] audit: type=1326 audit(2000000118.820:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  160.992144][   T29] audit: type=1326 audit(2000000118.820:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  161.015972][   T29] audit: type=1326 audit(2000000118.820:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  161.016895][ T7493] loop4: detected capacity change from 0 to 512
[  161.039597][   T29] audit: type=1326 audit(2000000118.820:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.4.1293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  161.079200][ T7494] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  161.094739][ T7494] EXT4-fs (loop7): orphan cleanup on readonly fs
[  161.121838][ T3585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.138934][ T7494] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.1291: corrupted inode contents
[  161.151130][ T7493] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  161.161457][ T7493] EXT4-fs (loop4): orphan cleanup on readonly fs
[  161.181685][ T7493] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1293: corrupted inode contents
[  161.193773][ T7494] EXT4-fs (loop7): Remounting filesystem read-only
[  161.204015][ T7494] EXT4-fs (loop7): 1 truncate cleaned up
[  161.211504][ T4633] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.222106][ T4633] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.233702][ T7493] EXT4-fs (loop4): Remounting filesystem read-only
[  161.253620][ T7493] EXT4-fs (loop4): 1 truncate cleaned up
[  161.260205][ T4633] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  161.262682][ T7512] FAULT_INJECTION: forcing a failure.
[  161.262682][ T7512] name failslab, interval 1, probability 0, space 0, times 0
[  161.283340][ T7512] CPU: 0 UID: 0 PID: 7512 Comm: syz.5.1298 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  161.283385][ T7512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  161.283404][ T7512] Call Trace:
[  161.283413][ T7512]  <TASK>
[  161.283424][ T7512]  __dump_stack+0x1d/0x30
[  161.283456][ T7512]  dump_stack_lvl+0xe8/0x140
[  161.283485][ T7512]  dump_stack+0x15/0x1b
[  161.283514][ T7512]  should_fail_ex+0x265/0x280
[  161.283565][ T7512]  should_failslab+0x8c/0xb0
[  161.283612][ T7512]  __kvmalloc_node_noprof+0x12e/0x670
[  161.283711][ T7512]  ? traverse+0xa2/0x3a0
[  161.283761][ T7512]  traverse+0xa2/0x3a0
[  161.283783][ T7512]  ? _parse_integer_limit+0x170/0x190
[  161.283828][ T7512]  seq_read_iter+0x85f/0x950
[  161.283914][ T7512]  ? kstrtoull+0x111/0x140
[  161.283988][ T7512]  seq_read+0x270/0x2b0
[  161.284012][ T7512]  ? __pfx_seq_read+0x10/0x10
[  161.284030][ T7512]  proc_reg_read+0x128/0x1c0
[  161.284064][ T7512]  ? __pfx_proc_reg_read+0x10/0x10
[  161.284167][ T7512]  vfs_read+0x1a8/0x770
[  161.284200][ T7512]  ? __fget_files+0x184/0x1c0
[  161.284272][ T7512]  ? __rcu_read_unlock+0x4f/0x70
[  161.284315][ T7512]  ? __fget_files+0x184/0x1c0
[  161.284421][ T7512]  __x64_sys_pread64+0xfd/0x150
[  161.284475][ T7512]  x64_sys_call+0x29e6/0x3000
[  161.284505][ T7512]  do_syscall_64+0xd2/0x200
[  161.284527][ T7512]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  161.284629][ T7512]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  161.284670][ T7512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.284698][ T7512] RIP: 0033:0x7f42bea5efc9
[  161.284718][ T7512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.284742][ T7512] RSP: 002b:00007f42bd4bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  161.284833][ T7512] RAX: ffffffffffffffda RBX: 00007f42becb5fa0 RCX: 00007f42bea5efc9
[  161.284846][ T7512] RDX: 00000000000000dc RSI: 0000200000000080 RDI: 0000000000000003
[  161.284938][ T7512] RBP: 00007f42bd4bf090 R08: 0000000000000000 R09: 0000000000000000
[  161.284956][ T7512] R10: 0000000000004009 R11: 0000000000000246 R12: 0000000000000001
[  161.284973][ T7512] R13: 00007f42becb6038 R14: 00007f42becb5fa0 R15: 00007ffc788bf8a8
[  161.284999][ T7512]  </TASK>
[  161.285169][ T4633] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.517908][ T4633] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.528480][ T4633] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  161.539322][ T7494] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.552526][ T7493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.601217][ T4410] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.611228][ T7522] FAULT_INJECTION: forcing a failure.
[  161.611228][ T7522] name failslab, interval 1, probability 0, space 0, times 0
[  161.623949][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.5.1303 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  161.623979][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  161.623994][ T7522] Call Trace:
[  161.624001][ T7522]  <TASK>
[  161.624009][ T7522]  __dump_stack+0x1d/0x30
[  161.624035][ T7522]  dump_stack_lvl+0xe8/0x140
[  161.624178][ T7522]  dump_stack+0x15/0x1b
[  161.624200][ T7522]  should_fail_ex+0x265/0x280
[  161.624242][ T7522]  should_failslab+0x8c/0xb0
[  161.624352][ T7522]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  161.624412][ T7522]  ? kasprintf+0x83/0xb0
[  161.624442][ T7522]  kvasprintf+0x8a/0x110
[  161.624494][ T7522]  ? obj_cgroup_charge_account+0x122/0x1a0
[  161.624520][ T7522]  kasprintf+0x83/0xb0
[  161.624560][ T7522]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  161.624637][ T7522]  nf_tables_set_alloc_name+0xaa/0x4b0
[  161.624671][ T7522]  ? nla_strdup+0x78/0xc0
[  161.624700][ T7522]  nf_tables_newset+0xe29/0x14e0
[  161.624784][ T7522]  nfnetlink_rcv+0xbc9/0x16c0
[  161.624807][ T7522]  ? kmem_cache_free+0xe4/0x3d0
[  161.624911][ T7522]  netlink_unicast+0x5c0/0x690
[  161.624941][ T7522]  netlink_sendmsg+0x58b/0x6b0
[  161.625015][ T7522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  161.625127][ T7522]  __sock_sendmsg+0x145/0x180
[  161.625150][ T7522]  ____sys_sendmsg+0x31e/0x4e0
[  161.625253][ T7522]  ___sys_sendmsg+0x17b/0x1d0
[  161.625301][ T7522]  __x64_sys_sendmsg+0xd4/0x160
[  161.625381][ T7522]  x64_sys_call+0x191e/0x3000
[  161.625403][ T7522]  do_syscall_64+0xd2/0x200
[  161.625420][ T7522]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  161.625515][ T7522]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  161.625549][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.625576][ T7522] RIP: 0033:0x7f42bea5efc9
[  161.625596][ T7522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.625665][ T7522] RSP: 002b:00007f42bd4bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.625683][ T7522] RAX: ffffffffffffffda RBX: 00007f42becb5fa0 RCX: 00007f42bea5efc9
[  161.625699][ T7522] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000006
[  161.625714][ T7522] RBP: 00007f42bd4bf090 R08: 0000000000000000 R09: 0000000000000000
[  161.625728][ T7522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.625739][ T7522] R13: 00007f42becb6038 R14: 00007f42becb5fa0 R15: 00007ffc788bf8a8
[  161.625824][ T7522]  </TASK>
[  161.889808][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.902440][ T7528] loop5: detected capacity change from 0 to 164
[  161.910519][ T7528] Unable to read rock-ridge attributes
[  161.934525][ T7528] Unable to read rock-ridge attributes
[  161.983345][ T7538] delete_channel: no stack
[  162.037060][ T7545] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  162.044929][ T7545] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  162.114845][ T7537] loop7: detected capacity change from 0 to 8192
[  162.147468][ T7551] loop5: detected capacity change from 0 to 512
[  162.157646][ T7537] vfat: Unknown parameter 'À'
[  162.197097][ T7551] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  162.211771][ T7551] EXT4-fs (loop5): orphan cleanup on readonly fs
[  162.228288][ T7551] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.1315: corrupted inode contents
[  162.271072][ T7551] EXT4-fs (loop5): Remounting filesystem read-only
[  162.297391][ T7551] EXT4-fs (loop5): 1 truncate cleaned up
[  162.303357][ T1432] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.313940][ T1432] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.364897][ T1432] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  162.386761][ T7551] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.391632][ T7563] loop4: detected capacity change from 0 to 512
[  162.449679][ T7563] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  162.465867][ T3585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.468048][ T7563] EXT4-fs (loop4): orphan cleanup on readonly fs
[  162.489449][ T7563] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1318: corrupted inode contents
[  162.501767][ T7563] EXT4-fs (loop4): Remounting filesystem read-only
[  162.508732][ T7563] EXT4-fs (loop4): 1 truncate cleaned up
[  162.514663][ T1432] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.525456][ T1432] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.566320][ T1432] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  162.620596][ T7563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.732939][ T7574] loop3: detected capacity change from 0 to 512
[  162.776174][ T7574] EXT4-fs (loop3): 1 orphan inode deleted
[  162.778500][ T7537] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1304'.
[  162.782484][ T7574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.803666][ T3449] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 1
[  162.803836][ T7537] loop7: detected capacity change from 0 to 1024
[  162.815538][ T7574] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.844604][ T7574] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  162.846222][ T7537] EXT4-fs (loop7): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  162.870573][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.891967][ T7537] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 2: comm syz.7.1304: lblock 2 mapped to illegal pblock 2 (length 1)
[  162.906403][ T7537] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 48: comm syz.7.1304: lblock 0 mapped to illegal pblock 48 (length 1)
[  162.921215][ T7537] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.1304: Failed to acquire dquot type 0
[  162.933527][ T7537] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  162.945160][ T7537] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.1304: mark_inode_dirty error
[  162.956939][ T7583] loop4: detected capacity change from 0 to 164
[  162.965842][ T7537] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  162.976450][ T7537] EXT4-fs (loop7): 1 orphan inode deleted
[  162.977249][ T7583] Unable to read rock-ridge attributes
[  162.982800][ T7537] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.000147][ T7583] Unable to read rock-ridge attributes
[  163.001354][ T3449] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  163.041855][ T3449] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 0
[  163.342775][ T7603] mmap: syz.1.1333 (7603) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  163.416124][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.448415][ T7608] loop3: detected capacity change from 0 to 1024
[  163.464378][ T7608] EXT4-fs: Ignoring removed nobh option
[  163.470050][ T7608] EXT4-fs: Ignoring removed bh option
[  163.475930][ T7608] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  163.507876][ T7608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.522136][ T7613] loop5: detected capacity change from 0 to 164
[  163.540099][ T7613] Unable to read rock-ridge attributes
[  163.554906][ T7613] Unable to read rock-ridge attributes
[  163.574614][ T4410] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.590363][   T52] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  163.624313][   T52] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0
[  163.636252][ T4410] EXT4-fs error (device loop7): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  163.652857][ T4410] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  163.664429][ T4410] EXT4-fs error (device loop7): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  163.705494][ T7619] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1339'.
[  163.901639][ T7624] lo speed is unknown, defaulting to 1000
[  164.707107][ T7634] FAULT_INJECTION: forcing a failure.
[  164.707107][ T7634] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.720339][ T7634] CPU: 1 UID: 0 PID: 7634 Comm: syz.4.1343 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  164.720372][ T7634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  164.720386][ T7634] Call Trace:
[  164.720392][ T7634]  <TASK>
[  164.720399][ T7634]  __dump_stack+0x1d/0x30
[  164.720426][ T7634]  dump_stack_lvl+0xe8/0x140
[  164.720485][ T7634]  dump_stack+0x15/0x1b
[  164.720517][ T7634]  should_fail_ex+0x265/0x280
[  164.720611][ T7634]  should_fail+0xb/0x20
[  164.720627][ T7634]  should_fail_usercopy+0x1a/0x20
[  164.720646][ T7634]  _copy_from_user+0x1c/0xb0
[  164.720670][ T7634]  ___sys_sendmsg+0xc1/0x1d0
[  164.720739][ T7634]  __x64_sys_sendmsg+0xd4/0x160
[  164.720784][ T7634]  x64_sys_call+0x191e/0x3000
[  164.720857][ T7634]  do_syscall_64+0xd2/0x200
[  164.720876][ T7634]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  164.720910][ T7634]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  164.720943][ T7634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.720966][ T7634] RIP: 0033:0x7f6737b3efc9
[  164.721059][ T7634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.721078][ T7634] RSP: 002b:00007f673659f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.721097][ T7634] RAX: ffffffffffffffda RBX: 00007f6737d95fa0 RCX: 00007f6737b3efc9
[  164.721113][ T7634] RDX: 0000000004008800 RSI: 0000200000000840 RDI: 0000000000000003
[  164.721128][ T7634] RBP: 00007f673659f090 R08: 0000000000000000 R09: 0000000000000000
[  164.721143][ T7634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.721202][ T7634] R13: 00007f6737d96038 R14: 00007f6737d95fa0 R15: 00007ffdfd5d1f48
[  164.721220][ T7634]  </TASK>
[  164.965271][ T7635] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1338'.
[  164.980404][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.585590][ T7645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1348'.
[  165.729127][ T7650] loop3: detected capacity change from 0 to 164
[  165.739975][ T7652] loop7: detected capacity change from 0 to 164
[  165.763871][ T7652] Unable to read rock-ridge attributes
[  165.776068][ T7652] Unable to read rock-ridge attributes
[  165.928640][ T7654] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1351'.
[  165.965589][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  165.965607][   T29] audit: type=1326 audit(2000000123.960:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.410250][   T29] audit: type=1326 audit(2000000123.970:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.433924][   T29] audit: type=1326 audit(2000000123.970:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.457466][   T29] audit: type=1326 audit(2000000123.970:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.480906][   T29] audit: type=1326 audit(2000000123.970:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.504379][   T29] audit: type=1326 audit(2000000123.970:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.527914][   T29] audit: type=1326 audit(2000000123.970:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.551324][   T29] audit: type=1326 audit(2000000123.970:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.574773][   T29] audit: type=1326 audit(2000000123.970:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.598183][   T29] audit: type=1326 audit(2000000123.970:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7661 comm="syz.3.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  166.629168][ T7662] loop3: detected capacity change from 0 to 512
[  166.688697][ T7662] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  166.704593][ T7662] EXT4-fs (loop3): orphan cleanup on readonly fs
[  166.712141][ T7672] loop4: detected capacity change from 0 to 512
[  166.738633][ T7674] lo speed is unknown, defaulting to 1000
[  166.764305][ T7681] loop5: detected capacity change from 0 to 164
[  166.766322][ T7662] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1354: corrupted inode contents
[  166.772929][ T7672] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  166.801208][ T7662] EXT4-fs (loop3): Remounting filesystem read-only
[  166.804836][ T7672] EXT4-fs (loop4): orphan cleanup on readonly fs
[  166.812118][ T7662] EXT4-fs (loop3): 1 truncate cleaned up
[  166.820510][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  166.831093][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  166.831626][ T7672] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1357: corrupted inode contents
[  166.841674][ T3449] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  166.875728][ T7662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.917895][ T7672] EXT4-fs (loop4): Remounting filesystem read-only
[  166.955139][ T7672] EXT4-fs (loop4): 1 truncate cleaned up
[  166.961694][ T3449] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  166.972259][ T3449] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  167.020609][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.050422][ T3449] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  167.058797][ T7700] random: crng reseeded on system resumption
[  167.069558][ T7672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  167.231556][ T7707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1368'.
[  167.556194][ T3449] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.657833][ T3449] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.759386][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.860182][ T3449] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.880878][ T3449] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.061369][ T3449] bridge_slave_1: left allmulticast mode
[  169.067199][ T3449] bridge_slave_1: left promiscuous mode
[  169.072980][ T3449] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.087002][ T7733] random: crng reseeded on system resumption
[  169.399927][ T7740] loop3: detected capacity change from 0 to 512
[  169.572221][ T7740] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  169.601002][ T7740] EXT4-fs (loop3): orphan cleanup on readonly fs
[  169.640132][ T7740] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1376: corrupted inode contents
[  169.686302][ T7740] EXT4-fs (loop3): Remounting filesystem read-only
[  169.723479][ T7740] EXT4-fs (loop3): 1 truncate cleaned up
[  169.818958][ T1432] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  169.829600][ T1432] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  169.841865][ T3449] bridge_slave_0: left allmulticast mode
[  169.847677][ T3449] bridge_slave_0: left promiscuous mode
[  169.853502][ T3449] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.904058][ T1432] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  169.914922][ T7740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.945925][ T7743] loop5: detected capacity change from 0 to 8192
[  170.119276][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.162047][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.238253][ T3449] bond0 (unregistering): Released all slaves
[  170.424073][ T3449] hsr_slave_0: left promiscuous mode
[  170.438365][ T3449] hsr_slave_1: left promiscuous mode
[  170.492829][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.500277][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.541880][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.549363][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.572763][ T3449] veth1_macvtap: left promiscuous mode
[  170.578519][ T3449] veth0_macvtap: left promiscuous mode
[  170.596318][ T3449] veth1_vlan: left promiscuous mode
[  170.601606][ T3449] veth0_vlan: left promiscuous mode
[  170.766409][ T3449] team0 (unregistering): Port device team_slave_1 removed
[  170.879861][ T3449] team0 (unregistering): Port device team_slave_0 removed
[  171.079038][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.286785][   T29] kauditd_printk_skb: 165 callbacks suppressed
[  171.286798][   T29] audit: type=1400 audit(2000000129.290:3471): avc:  denied  { unmount } for  pid=3585 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  171.382790][ T7766] loop5: detected capacity change from 0 to 1024
[  171.405458][ T7766] EXT4-fs: Ignoring removed nobh option
[  171.411164][ T7766] EXT4-fs: Ignoring removed bh option
[  171.438409][ T7766] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  171.452156][ T7774] loop7: detected capacity change from 0 to 1024
[  171.459067][ T7774] EXT4-fs: Ignoring removed nobh option
[  171.464745][ T7774] EXT4-fs: Ignoring removed bh option
[  171.475763][ T7774] EXT4-fs (loop7): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  171.495404][ T7766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.510001][ T7774] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.309473][ T7784] lo speed is unknown, defaulting to 1000
[  172.695555][   T29] audit: type=1400 audit(2000000130.690:3472): avc:  denied  { remove_name } for  pid=4410 comm="syz-executor" name="lost+found" dev="loop7" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  172.719021][   T29] audit: type=1400 audit(2000000130.690:3473): avc:  denied  { rmdir } for  pid=4410 comm="syz-executor" name="lost+found" dev="loop7" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  173.231321][ T7789] lo speed is unknown, defaulting to 1000
[  173.277145][   T29] audit: type=1400 audit(2000000130.850:3474): avc:  denied  { unlink } for  pid=4410 comm="syz-executor" name="file0" dev="loop7" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  173.299678][   T29] audit: type=1400 audit(2000000130.850:3475): avc:  denied  { unlink } for  pid=4410 comm="syz-executor" name="file1" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  173.312716][ T7793] loop3: detected capacity change from 0 to 164
[  173.688811][ T4410] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.698934][ T7796] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  173.716324][ T7796] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  173.725849][ T7793] Unable to read rock-ridge attributes
[  173.734094][ T7793] Unable to read rock-ridge attributes
[  173.766638][ T3585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.830280][ T7802] loop3: detected capacity change from 0 to 512
[  173.856881][ T7802] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  173.869067][ T7802] EXT4-fs (loop3): orphan cleanup on readonly fs
[  173.886062][ T7802] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1397: corrupted inode contents
[  173.911479][ T7802] EXT4-fs (loop3): Remounting filesystem read-only
[  173.918329][ T7802] EXT4-fs (loop3): 1 truncate cleaned up
[  173.924100][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  173.934733][ T3449] Quota error (device loop3): write_blk: dquota write failed
[  173.942227][ T3449] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  173.952254][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  173.962901][ T3449] Quota error (device loop3): write_blk: dquota write failed
[  173.970377][ T3449] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  173.980702][ T3449] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  173.990995][ T3449] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  174.010985][ T7802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  174.064722][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.384221][ T7820] loop3: detected capacity change from 0 to 164
[  174.409999][ T7820] Unable to read rock-ridge attributes
[  174.430122][ T7820] Unable to read rock-ridge attributes
[  174.549563][ T7833] loop3: detected capacity change from 0 to 164
[  174.569969][ T7833] iso9660: Corrupted directory entry in block 4 of inode 1792
[  174.641501][ T7821] lo speed is unknown, defaulting to 1000
[  174.754285][ T7846] loop3: detected capacity change from 0 to 512
[  174.787496][ T7846] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  174.803943][ T7846] EXT4-fs (loop3): orphan cleanup on readonly fs
[  174.815736][ T7829] lo speed is unknown, defaulting to 1000
[  174.830216][ T7846] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1412: corrupted inode contents
[  174.843096][ T7821] chnl_net:caif_netlink_parms(): no params data found
[  174.862842][ T7846] EXT4-fs (loop3): Remounting filesystem read-only
[  174.878650][ T7846] EXT4-fs (loop3): 1 truncate cleaned up
[  174.884498][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  174.895166][ T3449] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  174.911410][ T3449] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  174.923313][ T7846] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  174.947717][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.039722][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.047280][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.054736][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.062235][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.069749][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.077312][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.084718][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.092299][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.099836][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.107425][ T3420] hid-generic 0003:0003:0000.0004: unknown main item tag 0x0
[  175.233588][ T7863] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  175.251362][ T7821] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.258718][ T7821] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.266995][ T7821] bridge_slave_0: entered allmulticast mode
[  175.274192][ T7821] bridge_slave_0: entered promiscuous mode
[  175.329906][ T7821] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.337055][ T7821] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.402932][ T7821] bridge_slave_1: entered allmulticast mode
[  175.427589][ T7821] bridge_slave_1: entered promiscuous mode
[  176.118317][ T7829] chnl_net:caif_netlink_parms(): no params data found
[  176.130185][ T3420] hid-generic 0003:0003:0000.0004: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  176.505186][ T7821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.516272][ T7821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.106732][ T7878] FAULT_INJECTION: forcing a failure.
[  177.106732][ T7878] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  177.120077][ T7878] CPU: 0 UID: 0 PID: 7878 Comm: syz.3.1420 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  177.120120][ T7878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  177.120136][ T7878] Call Trace:
[  177.120145][ T7878]  <TASK>
[  177.120155][ T7878]  __dump_stack+0x1d/0x30
[  177.120182][ T7878]  dump_stack_lvl+0xe8/0x140
[  177.120326][ T7878]  dump_stack+0x15/0x1b
[  177.120343][ T7878]  should_fail_ex+0x265/0x280
[  177.120385][ T7878]  should_fail_alloc_page+0xf2/0x100
[  177.120425][ T7878]  __alloc_frozen_pages_noprof+0xff/0x360
[  177.120526][ T7878]  alloc_pages_mpol+0xb3/0x260
[  177.120548][ T7878]  vma_alloc_folio_noprof+0x1aa/0x300
[  177.120571][ T7878]  do_wp_page+0xf60/0x2510
[  177.120652][ T7878]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  177.120691][ T7878]  ? __rcu_read_lock+0x37/0x50
[  177.120715][ T7878]  ? css_rstat_updated+0xb7/0x240
[  177.120733][ T7878]  ? __rcu_read_lock+0x37/0x50
[  177.120782][ T7878]  handle_mm_fault+0x77d/0x2be0
[  177.120820][ T7878]  ? vma_start_read+0x141/0x1f0
[  177.120865][ T7878]  do_user_addr_fault+0x630/0x1080
[  177.120896][ T7878]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  177.120979][ T7878]  exc_page_fault+0x62/0xa0
[  177.121008][ T7878]  asm_exc_page_fault+0x26/0x30
[  177.121033][ T7878] RIP: 0033:0x7fdcc5bf0c03
[  177.121083][ T7878] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  177.121150][ T7878] RSP: 002b:00007fdcc478e4a0 EFLAGS: 00010202
[  177.121169][ T7878] RAX: 0000000000005005 RBX: 00007fdcc478e540 RCX: 00007fdcbc36f000
[  177.121184][ T7878] RDX: 00007fdcc478e6e0 RSI: 0000000000000003 RDI: 00007fdcc478e5e0
[  177.121197][ T7878] RBP: 000000000000004a R08: 0000000000000008 R09: 00000000000000ae
[  177.121208][ T7878] R10: 00000000000000c8 R11: 00007fdcc478e540 R12: 0000000000000001
[  177.121220][ T7878] R13: 00007fdcc5dcdc40 R14: 0000000000000010 R15: 00007fdcc478e5e0
[  177.121239][ T7878]  </TASK>
[  177.121292][ T7878] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  177.528776][ T7878] loop3: detected capacity change from 0 to 512
[  177.560623][ T7878] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  177.589983][ T7876] A link change request failed with some changes committed already. Interface Q±6ã×\b‹¡Y­4�� may have been left with an inconsistent configuration, please check.
[  177.669302][ T7878] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  177.686021][ T7878] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1420: bg 0: block 248: padding at end of block bitmap is not set
[  177.700978][ T7878] __quota_error: 47 callbacks suppressed
[  177.700992][ T7878] Quota error (device loop3): write_blk: dquota write failed
[  177.714836][ T7878] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  177.764019][ T7821] team0: Port device team_slave_0 added
[  177.772706][ T7888] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  177.783221][ T7888] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  177.819622][ T7878] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1420: Failed to acquire dquot type 1
[  177.861283][ T7821] team0: Port device team_slave_1 added
[  177.910303][ T7829] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.917495][ T7829] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.927856][ T7878] EXT4-fs (loop3): 1 truncate cleaned up
[  177.934681][ T7878] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  177.957520][ T7893] loop4: detected capacity change from 0 to 512
[  177.964107][ T7829] bridge_slave_0: entered allmulticast mode
[  177.974822][ T7878] EXT4-fs (loop3): shut down requested (1)
[  177.985565][ T7829] bridge_slave_0: entered promiscuous mode
[  178.007162][ T7893] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  178.020364][ T7821] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.027379][ T7821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  178.053410][ T7821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.078555][ T7893] EXT4-fs (loop4): orphan cleanup on readonly fs
[  178.106725][ T7893] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1423: corrupted inode contents
[  178.124014][ T7893] EXT4-fs (loop4): Remounting filesystem read-only
[  178.131194][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  178.140551][ T7893] EXT4-fs (loop4): 1 truncate cleaned up
[  178.146759][ T4652] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  178.157383][ T4652] Quota error (device loop4): write_blk: dquota write failed
[  178.164792][ T4652] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  178.174833][ T4652] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  178.185412][ T4652] Quota error (device loop4): write_blk: dquota write failed
[  178.192827][ T4652] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[  178.206785][ T7821] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.213793][ T7821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  178.239734][ T7821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.250598][ T4652] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  178.260835][ T4652] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  178.270203][ T7829] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.277324][ T7829] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.284893][ T7829] bridge_slave_1: entered allmulticast mode
[  178.292103][ T7829] bridge_slave_1: entered promiscuous mode
[  178.298421][ T4652] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  178.327413][ T7893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  178.363815][ T7821] hsr_slave_0: entered promiscuous mode
[  178.377565][ T7821] hsr_slave_1: entered promiscuous mode
[  178.393586][ T7821] debugfs: 'hsr0' already exists in 'hsr'
[  178.399469][ T7821] Cannot create hsr debugfs directory
[  178.419185][ T7829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.443788][ T7829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.493058][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.569406][ T7829] team0: Port device team_slave_0 added
[  178.584813][ T7829] team0: Port device team_slave_1 added
[  178.605365][ T7829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.612391][ T7829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  178.638404][ T7829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.740568][ T7829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.747640][ T7829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  178.773718][ T7829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.788293][   T29] audit: type=1400 audit(2000000136.790:3516): avc:  denied  { mount } for  pid=7897 comm="syz.3.1424" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  178.820096][ T7900] loop4: detected capacity change from 0 to 8192
[  178.896511][ T7829] hsr_slave_0: entered promiscuous mode
[  178.903647][ T7829] hsr_slave_1: entered promiscuous mode
[  178.916627][ T7829] debugfs: 'hsr0' already exists in 'hsr'
[  178.922402][ T7829] Cannot create hsr debugfs directory
[  178.989336][ T7821] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  179.008488][ T7821] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  179.031215][ T7821] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  179.051746][ T7821] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  179.251381][ T7911] loop3: detected capacity change from 0 to 512
[  179.305091][ T7829] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  179.317224][ T7911] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  179.341044][ T7911] EXT4-fs (loop3): orphan cleanup on readonly fs
[  179.367746][ T7829] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  179.386096][ T7911] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1426: corrupted inode contents
[  179.406903][ T7829] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  179.418543][ T7911] EXT4-fs (loop3): Remounting filesystem read-only
[  179.435690][ T7829] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  179.445503][ T7911] EXT4-fs (loop3): 1 truncate cleaned up
[  179.451302][ T4652] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  179.462026][ T4652] Quota error (device loop3): write_blk: dquota write failed
[  179.469530][ T4652] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  179.540268][ T4652] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  179.561028][ T7821] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.576746][ T7911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  179.607781][ T7821] 8021q: adding VLAN 0 to HW filter on device team0
[  179.650775][ T4652] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.657908][ T4652] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.721368][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.730702][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.737816][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.763819][ T7928] loop4: detected capacity change from 0 to 164
[  179.775707][ T7928] Unable to read rock-ridge attributes
[  179.786130][ T7928] Unable to read rock-ridge attributes
[  179.792403][ T7829] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.811735][ T7829] 8021q: adding VLAN 0 to HW filter on device team0
[  179.825010][ T4633] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.832112][ T4633] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.850387][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.857528][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.891150][ T7821] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.900642][ T7829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  179.907193][ T7936] loop4: detected capacity change from 0 to 512
[  179.937638][ T7936] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  179.949124][ T7936] EXT4-fs (loop4): orphan cleanup on readonly fs
[  179.960627][ T7936] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1431: corrupted inode contents
[  179.978106][ T7829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.985634][ T7936] EXT4-fs (loop4): Remounting filesystem read-only
[  179.992529][ T7936] EXT4-fs (loop4): 1 truncate cleaned up
[  179.998483][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.009158][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  180.037781][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  180.050526][ T7936] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  180.088602][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.143349][ T7821] veth0_vlan: entered promiscuous mode
[  180.157085][ T7821] veth1_vlan: entered promiscuous mode
[  180.181237][ T7821] veth0_macvtap: entered promiscuous mode
[  180.190194][ T7821] veth1_macvtap: entered promiscuous mode
[  180.214622][ T7829] veth0_vlan: entered promiscuous mode
[  180.222261][ T7821] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.234421][ T7821] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.244398][ T7829] veth1_vlan: entered promiscuous mode
[  180.253909][   T52] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.266631][   T52] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.275515][   T52] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.300805][ T7829] veth0_macvtap: entered promiscuous mode
[  180.312920][   T52] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.328413][ T7829] veth1_macvtap: entered promiscuous mode
[  180.363280][ T7829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.381686][ T7829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.396061][ T4633] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.410859][ T4633] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.441010][ T4633] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.464018][ T4633] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.444072][ T7996] lo speed is unknown, defaulting to 1000
[  181.754643][ T8012] loop3: detected capacity change from 0 to 512
[  181.787428][ T8012] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  181.806900][ T8012] EXT4-fs (loop3): orphan cleanup on readonly fs
[  182.014279][ T8018] netlink: 'syz.1.1445': attribute type 1 has an invalid length.
[  182.210457][ T8020] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  182.571263][ T8012] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1444: corrupted inode contents
[  182.597686][ T8012] EXT4-fs (loop3): Remounting filesystem read-only
[  182.604447][ T8012] EXT4-fs (loop3): 1 truncate cleaned up
[  182.610283][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  182.620963][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  182.666204][ T4633] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  182.692153][ T8012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.707883][   T29] kauditd_printk_skb: 469 callbacks suppressed
[  182.707900][   T29] audit: type=1326 audit(2000000140.680:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8041 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  182.738169][   T29] audit: type=1326 audit(2000000140.680:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8041 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f820dfbd810 code=0x7ffc0000
[  182.761626][   T29] audit: type=1326 audit(2000000140.680:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8041 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f820dfbda7f code=0x7ffc0000
[  182.784901][   T29] audit: type=1326 audit(2000000140.680:3972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8041 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f820dfbda7f code=0x7ffc0000
[  182.809211][   T29] audit: type=1326 audit(2000000140.680:3973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8041 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  182.833093][   T29] audit: type=1326 audit(2000000140.710:3974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz.3.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdcc5d2d810 code=0x7ffc0000
[  182.856522][   T29] audit: type=1326 audit(2000000140.710:3975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz.3.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fdcc5d2dd17 code=0x7ffc0000
[  182.879881][   T29] audit: type=1326 audit(2000000140.710:3976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz.3.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdcc5d2d810 code=0x7ffc0000
[  182.903287][   T29] audit: type=1326 audit(2000000140.710:3977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz.3.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  182.926692][   T29] audit: type=1326 audit(2000000140.710:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz.3.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcc5d2efc9 code=0x7ffc0000
[  182.989761][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.094657][ T8053] FAULT_INJECTION: forcing a failure.
[  183.094657][ T8053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.107928][ T8053] CPU: 1 UID: 0 PID: 8053 Comm: syz.3.1457 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  183.107980][ T8053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  183.107995][ T8053] Call Trace:
[  183.108003][ T8053]  <TASK>
[  183.108013][ T8053]  __dump_stack+0x1d/0x30
[  183.108040][ T8053]  dump_stack_lvl+0xe8/0x140
[  183.108097][ T8053]  dump_stack+0x15/0x1b
[  183.108119][ T8053]  should_fail_ex+0x265/0x280
[  183.108158][ T8053]  should_fail+0xb/0x20
[  183.108178][ T8053]  should_fail_usercopy+0x1a/0x20
[  183.108220][ T8053]  strncpy_from_user+0x25/0x230
[  183.108261][ T8053]  ? kmem_cache_alloc_noprof+0x242/0x480
[  183.108296][ T8053]  ? getname_flags+0x80/0x3b0
[  183.108334][ T8053]  getname_flags+0xae/0x3b0
[  183.108447][ T8053]  user_path_at+0x28/0x130
[  183.108471][ T8053]  __x64_sys_umount+0x85/0xe0
[  183.108497][ T8053]  x64_sys_call+0xdd2/0x3000
[  183.108522][ T8053]  do_syscall_64+0xd2/0x200
[  183.108544][ T8053]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  183.108660][ T8053]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  183.108699][ T8053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.108723][ T8053] RIP: 0033:0x7fdcc5d2efc9
[  183.108793][ T8053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.108884][ T8053] RSP: 002b:00007fdcc478f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  183.108908][ T8053] RAX: ffffffffffffffda RBX: 00007fdcc5f85fa0 RCX: 00007fdcc5d2efc9
[  183.108921][ T8053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0
[  183.108933][ T8053] RBP: 00007fdcc478f090 R08: 0000000000000000 R09: 0000000000000000
[  183.108946][ T8053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.108960][ T8053] R13: 00007fdcc5f86038 R14: 00007fdcc5f85fa0 R15: 00007ffdddcaffe8
[  183.108988][ T8053]  </TASK>
[  183.368618][ T8058] FAULT_INJECTION: forcing a failure.
[  183.368618][ T8058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.381892][ T8058] CPU: 0 UID: 0 PID: 8058 Comm: syz.3.1459 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  183.381963][ T8058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  183.381977][ T8058] Call Trace:
[  183.381984][ T8058]  <TASK>
[  183.381993][ T8058]  __dump_stack+0x1d/0x30
[  183.382021][ T8058]  dump_stack_lvl+0xe8/0x140
[  183.382081][ T8058]  dump_stack+0x15/0x1b
[  183.382100][ T8058]  should_fail_ex+0x265/0x280
[  183.382144][ T8058]  should_fail+0xb/0x20
[  183.382164][ T8058]  should_fail_usercopy+0x1a/0x20
[  183.382190][ T8058]  _copy_to_user+0x20/0xa0
[  183.382303][ T8058]  simple_read_from_buffer+0xb5/0x130
[  183.382335][ T8058]  proc_fail_nth_read+0x10e/0x150
[  183.382372][ T8058]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.382401][ T8058]  vfs_read+0x1a8/0x770
[  183.382427][ T8058]  ? __rcu_read_unlock+0x4f/0x70
[  183.382521][ T8058]  ? __fget_files+0x184/0x1c0
[  183.382617][ T8058]  ksys_read+0xda/0x1a0
[  183.382647][ T8058]  __x64_sys_read+0x40/0x50
[  183.382676][ T8058]  x64_sys_call+0x27c0/0x3000
[  183.382703][ T8058]  do_syscall_64+0xd2/0x200
[  183.382787][ T8058]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  183.382816][ T8058]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  183.382861][ T8058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.382881][ T8058] RIP: 0033:0x7fdcc5d2d9dc
[  183.382896][ T8058] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  183.382917][ T8058] RSP: 002b:00007fdcc478f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.382966][ T8058] RAX: ffffffffffffffda RBX: 00007fdcc5f85fa0 RCX: 00007fdcc5d2d9dc
[  183.382979][ T8058] RDX: 000000000000000f RSI: 00007fdcc478f0a0 RDI: 0000000000000004
[  183.382990][ T8058] RBP: 00007fdcc478f090 R08: 0000000000000000 R09: 0000000000000000
[  183.383001][ T8058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.383055][ T8058] R13: 00007fdcc5f86038 R14: 00007fdcc5f85fa0 R15: 00007ffdddcaffe8
[  183.383082][ T8058]  </TASK>
[  183.763685][ T8063] loop8: detected capacity change from 0 to 512
[  183.787502][ T8063] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  183.795724][ T8063] EXT4-fs (loop8): orphan cleanup on readonly fs
[  183.803560][ T8068] loop9: detected capacity change from 0 to 164
[  183.811337][ T8063] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.1461: corrupted inode contents
[  183.824293][ T8068] Unable to read rock-ridge attributes
[  183.826453][ T8063] EXT4-fs (loop8): Remounting filesystem read-only
[  183.832599][ T8068] Unable to read rock-ridge attributes
[  183.838853][ T8063] EXT4-fs (loop8): 1 truncate cleaned up
[  183.926381][   T52] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.937035][   T52] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  183.957564][   T52] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  183.987219][ T8063] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  184.237515][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.521473][ T8083] loop8: detected capacity change from 0 to 512
[  184.612147][ T8083] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  184.624472][ T8083] EXT4-fs (loop8): orphan cleanup on readonly fs
[  184.632369][ T8083] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.1468: corrupted inode contents
[  184.644953][ T8083] EXT4-fs (loop8): Remounting filesystem read-only
[  184.651698][ T8083] EXT4-fs (loop8): 1 truncate cleaned up
[  184.659724][ T4633] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.670393][ T4633] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  184.681796][ T4633] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  184.692590][ T8083] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  184.729072][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.787533][ T8089] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.929695][ T8100] loop4: detected capacity change from 0 to 164
[  184.949193][ T8100] Unable to read rock-ridge attributes
[  184.969529][ T8100] Unable to read rock-ridge attributes
[  185.007394][ T8089] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.055591][ T8103] FAULT_INJECTION: forcing a failure.
[  185.055591][ T8103] name failslab, interval 1, probability 0, space 0, times 0
[  185.068462][ T8103] CPU: 1 UID: 0 PID: 8103 Comm: syz.4.1475 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  185.068494][ T8103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  185.068510][ T8103] Call Trace:
[  185.068517][ T8103]  <TASK>
[  185.068525][ T8103]  __dump_stack+0x1d/0x30
[  185.068546][ T8103]  dump_stack_lvl+0xe8/0x140
[  185.068607][ T8103]  dump_stack+0x15/0x1b
[  185.068629][ T8103]  should_fail_ex+0x265/0x280
[  185.068755][ T8103]  ? alloc_bprm+0x5c/0x350
[  185.068782][ T8103]  should_failslab+0x8c/0xb0
[  185.068814][ T8103]  __kmalloc_cache_noprof+0x4c/0x4a0
[  185.068877][ T8103]  alloc_bprm+0x5c/0x350
[  185.068906][ T8103]  do_execveat_common+0x12e/0x750
[  185.068942][ T8103]  __x64_sys_execve+0x5c/0x70
[  185.068970][ T8103]  x64_sys_call+0x271a/0x3000
[  185.069041][ T8103]  do_syscall_64+0xd2/0x200
[  185.069063][ T8103]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  185.069097][ T8103]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  185.069177][ T8103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.069203][ T8103] RIP: 0033:0x7f6737b3efc9
[  185.069221][ T8103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.069244][ T8103] RSP: 002b:00007f673659f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  185.069274][ T8103] RAX: ffffffffffffffda RBX: 00007f6737d95fa0 RCX: 00007f6737b3efc9
[  185.069286][ T8103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[  185.069338][ T8103] RBP: 00007f673659f090 R08: 0000000000000000 R09: 0000000000000000
[  185.069360][ T8103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.069374][ T8103] R13: 00007f6737d96038 R14: 00007f6737d95fa0 R15: 00007ffdfd5d1f48
[  185.069398][ T8103]  </TASK>
[  185.252890][ T8089] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.300363][ T8089] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.337420][ T8107] loop4: detected capacity change from 0 to 1024
[  185.344865][ T8107] EXT4-fs: Ignoring removed nobh option
[  185.350522][ T8107] EXT4-fs: Ignoring removed bh option
[  185.360090][ T8107] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  185.389192][ T4633] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.412289][ T4633] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.422201][ T4633] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.430977][ T8107] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.467704][ T4633] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.756237][ T8119] lo speed is unknown, defaulting to 1000
[  185.931808][ T8116] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1479'.
[  185.941037][ T8116] unsupported nlmsg_type 40
[  185.980761][ T8129] loop8: detected capacity change from 0 to 2048
[  186.001116][ T8129] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #2: comm syz.8.1480: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[  186.022081][ T8129] EXT4-fs (loop8): get root inode failed
[  186.027882][ T8129] EXT4-fs (loop8): mount failed
[  186.214659][ T8150] loop3: detected capacity change from 0 to 512
[  186.228066][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.237408][ T8150] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  186.246023][ T8150] EXT4-fs (loop3): orphan cleanup on readonly fs
[  186.278489][ T8150] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1491: corrupted inode contents
[  186.385832][ T8150] EXT4-fs (loop3): Remounting filesystem read-only
[  186.468129][ T8150] EXT4-fs (loop3): 1 truncate cleaned up
[  186.474260][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  186.484856][ T4633] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  186.568158][ T4633] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  186.596019][ T8150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  186.640229][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.681820][ T8163] IPv6: NLM_F_CREATE should be specified when creating new route
[  186.701961][ T8166] loop8: detected capacity change from 0 to 512
[  186.737680][ T8166] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  186.750716][ T8166] EXT4-fs (loop8): orphan cleanup on readonly fs
[  186.772521][ T8166] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.1497: corrupted inode contents
[  186.786360][ T8166] EXT4-fs (loop8): Remounting filesystem read-only
[  186.790464][ T8174] netlink: 'syz.4.1500': attribute type 15 has an invalid length.
[  186.794705][ T8166] EXT4-fs (loop8): 1 truncate cleaned up
[  186.800964][ T8174] netlink: 723 bytes leftover after parsing attributes in process `syz.4.1500'.
[  186.816135][ T4633] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  186.826935][ T4633] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  186.827677][ T8174] vhci_hcd:  ClearPortFeature: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  186.847015][ T4633] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  186.860878][ T8166] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  186.889605][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.912477][ T8180] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1503'.
[  186.978022][ T8184] loop3: detected capacity change from 0 to 1024
[  186.984957][ T8184] EXT4-fs: Ignoring removed nobh option
[  186.990683][ T8184] EXT4-fs: Ignoring removed bh option
[  187.011184][ T8184] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  187.039247][ T8184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.161360][ T8206] loop9: detected capacity change from 0 to 164
[  187.169064][ T8206] Unable to read rock-ridge attributes
[  187.179740][ T8206] Unable to read rock-ridge attributes
[  187.337282][ T8210] lo speed is unknown, defaulting to 1000
[  187.766317][   T29] kauditd_printk_skb: 134 callbacks suppressed
[  187.766337][   T29] audit: type=1326 audit(2000000145.760:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.196246][   T29] audit: type=1326 audit(2000000146.180:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.219810][   T29] audit: type=1326 audit(2000000146.180:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.243372][   T29] audit: type=1326 audit(2000000146.180:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.266943][   T29] audit: type=1326 audit(2000000146.180:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.290611][   T29] audit: type=1326 audit(2000000146.180:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.314592][   T29] audit: type=1326 audit(2000000146.190:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.339304][   T29] audit: type=1326 audit(2000000146.190:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.362825][   T29] audit: type=1326 audit(2000000146.190:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.386226][   T29] audit: type=1326 audit(2000000146.190:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8202 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  188.411013][ T8213] loop9: detected capacity change from 0 to 164
[  188.463972][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.476088][ T8213] Unable to read rock-ridge attributes
[  188.498594][ T8213] Unable to read rock-ridge attributes
[  188.793025][ T8222] FAULT_INJECTION: forcing a failure.
[  188.793025][ T8222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.806909][ T8222] CPU: 0 UID: 0 PID: 8222 Comm: syz.9.1517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  188.806941][ T8222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  188.806999][ T8222] Call Trace:
[  188.807006][ T8222]  <TASK>
[  188.807017][ T8222]  __dump_stack+0x1d/0x30
[  188.807118][ T8222]  dump_stack_lvl+0xe8/0x140
[  188.807180][ T8222]  dump_stack+0x15/0x1b
[  188.807198][ T8222]  should_fail_ex+0x265/0x280
[  188.807296][ T8222]  should_fail+0xb/0x20
[  188.807316][ T8222]  should_fail_usercopy+0x1a/0x20
[  188.807388][ T8222]  _copy_from_user+0x1c/0xb0
[  188.807439][ T8222]  copy_from_bpfptr+0x5c/0x90
[  188.807508][ T8222]  bpf_prog_load+0x73b/0x1100
[  188.807535][ T8222]  ? security_bpf+0x2b/0x90
[  188.807567][ T8222]  __sys_bpf+0x469/0x7c0
[  188.807599][ T8222]  __x64_sys_bpf+0x41/0x50
[  188.807692][ T8222]  x64_sys_call+0x2aee/0x3000
[  188.807720][ T8222]  do_syscall_64+0xd2/0x200
[  188.807742][ T8222]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  188.807802][ T8222]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  188.807874][ T8222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.807944][ T8222] RIP: 0033:0x7f54f736efc9
[  188.807960][ T8222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.807977][ T8222] RSP: 002b:00007f54f5dcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  188.807995][ T8222] RAX: ffffffffffffffda RBX: 00007f54f75c5fa0 RCX: 00007f54f736efc9
[  188.808011][ T8222] RDX: 0000000000000094 RSI: 0000200000000780 RDI: 0000000000000005
[  188.808027][ T8222] RBP: 00007f54f5dcf090 R08: 0000000000000000 R09: 0000000000000000
[  188.808042][ T8222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.808088][ T8222] R13: 00007f54f75c6038 R14: 00007f54f75c5fa0 R15: 00007fff71d7a708
[  188.808107][ T8222]  </TASK>
[  189.158031][ T8226] loop8: detected capacity change from 0 to 1024
[  189.181300][ T8226] EXT4-fs: Ignoring removed nobh option
[  189.187033][ T8226] EXT4-fs: Ignoring removed bh option
[  189.206632][ T8228] loop9: detected capacity change from 0 to 1024
[  189.216809][ T8226] EXT4-fs (loop8): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  189.235675][ T8228] EXT4-fs: Ignoring removed nobh option
[  189.241398][ T8228] EXT4-fs: Ignoring removed bh option
[  189.255302][ T8228] EXT4-fs (loop9): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  189.271895][ T8226] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.285443][ T8228] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.435785][ T8237] pim6reg: entered allmulticast mode
[  190.421169][ T8247] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1524'.
[  190.439447][ T8237] bond0: (slave bond_slave_0): Releasing backup interface
[  190.449661][ T8237] bond0: (slave bond_slave_1): Releasing backup interface
[  190.461921][ T8237] team0: Port device team_slave_0 removed
[  190.470744][ T8237] team0: Port device team_slave_1 removed
[  190.478048][ T8237] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.485459][ T8237] batman_adv: batadv0: Removing interface: batadv_slave_0
[  190.494309][ T8237] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  190.501862][ T8237] batman_adv: batadv0: Removing interface: batadv_slave_1
[  190.548063][ T8237] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  190.574420][ T8244] lo speed is unknown, defaulting to 1000
[  190.612324][ T8243] lo speed is unknown, defaulting to 1000
[  190.654619][ T8257] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1527'.
[  190.692056][ T8260] loop4: detected capacity change from 0 to 512
[  190.758608][ T8260] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  190.768978][ T8260] EXT4-fs (loop4): orphan cleanup on readonly fs
[  190.782592][ T8260] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1528: corrupted inode contents
[  190.797247][ T8260] EXT4-fs (loop4): Remounting filesystem read-only
[  190.803950][ T8260] EXT4-fs (loop4): 1 truncate cleaned up
[  190.813627][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  190.824863][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  190.835598][   T52] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  190.855572][ T8260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  190.885377][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.902644][ T8277] FAULT_INJECTION: forcing a failure.
[  190.902644][ T8277] name failslab, interval 1, probability 0, space 0, times 0
[  190.915338][ T8277] CPU: 1 UID: 0 PID: 8277 Comm: syz.4.1536 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.915363][ T8277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  190.915450][ T8277] Call Trace:
[  190.915456][ T8277]  <TASK>
[  190.915462][ T8277]  __dump_stack+0x1d/0x30
[  190.915490][ T8277]  dump_stack_lvl+0xe8/0x140
[  190.915508][ T8277]  dump_stack+0x15/0x1b
[  190.915525][ T8277]  should_fail_ex+0x265/0x280
[  190.915622][ T8277]  should_failslab+0x8c/0xb0
[  190.915648][ T8277]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  190.915675][ T8277]  ? __alloc_skb+0x101/0x320
[  190.915756][ T8277]  __alloc_skb+0x101/0x320
[  190.915789][ T8277]  netlink_alloc_large_skb+0xbf/0xf0
[  190.915816][ T8277]  netlink_sendmsg+0x3cf/0x6b0
[  190.915848][ T8277]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.915975][ T8277]  __sock_sendmsg+0x145/0x180
[  190.916071][ T8277]  ____sys_sendmsg+0x31e/0x4e0
[  190.916103][ T8277]  ___sys_sendmsg+0x17b/0x1d0
[  190.916159][ T8277]  __x64_sys_sendmsg+0xd4/0x160
[  190.916254][ T8277]  x64_sys_call+0x191e/0x3000
[  190.916280][ T8277]  do_syscall_64+0xd2/0x200
[  190.916299][ T8277]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  190.916398][ T8277]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  190.916426][ T8277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.916488][ T8277] RIP: 0033:0x7f6737b3efc9
[  190.916501][ T8277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.916582][ T8277] RSP: 002b:00007f673659f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.916598][ T8277] RAX: ffffffffffffffda RBX: 00007f6737d95fa0 RCX: 00007f6737b3efc9
[  190.916609][ T8277] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  190.916620][ T8277] RBP: 00007f673659f090 R08: 0000000000000000 R09: 0000000000000000
[  190.916631][ T8277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.916680][ T8277] R13: 00007f6737d96038 R14: 00007f6737d95fa0 R15: 00007ffdfd5d1f48
[  190.916698][ T8277]  </TASK>
[  191.162154][ T8280] loop4: detected capacity change from 0 to 4096
[  191.171888][ T8280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.187176][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.187406][ T8280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.251082][ T8258] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.292025][ T4652] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.339501][ T8296] loop3: detected capacity change from 0 to 164
[  191.359943][ T4652] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.370586][ T8296] Unable to read rock-ridge attributes
[  191.378127][ T8296] Unable to read rock-ridge attributes
[  191.442055][ T8307] loop8: detected capacity change from 0 to 512
[  191.465046][ T8297] lo speed is unknown, defaulting to 1000
[  191.522999][ T4652] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.550132][ T8307] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  191.558989][ T8307] EXT4-fs (loop8): orphan cleanup on readonly fs
[  191.567936][ T8307] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.1548: corrupted inode contents
[  191.580162][ T8307] EXT4-fs (loop8): Remounting filesystem read-only
[  191.588196][ T8307] EXT4-fs (loop8): 1 truncate cleaned up
[  191.594382][ T1432] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  191.605388][ T1432] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  191.672888][ T4652] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.769525][ T8297] chnl_net:caif_netlink_parms(): no params data found
[  191.814270][ T4652] bridge_slave_1: left allmulticast mode
[  191.820011][ T4652] bridge_slave_1: left promiscuous mode
[  191.825767][ T4652] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.908541][ T8333] loop3: detected capacity change from 0 to 164
[  191.933504][ T4652] bridge_slave_0: left allmulticast mode
[  191.939391][ T4652] bridge_slave_0: left promiscuous mode
[  191.945095][ T4652] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.960723][ T8333] Unable to read rock-ridge attributes
[  191.976918][ T8333] Unable to read rock-ridge attributes
[  192.022951][ T1432] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  192.033924][ T8307] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.077392][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.149137][ T4652] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  192.159506][ T4652] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  192.169563][ T4652] bond0 (unregistering): Released all slaves
[  192.236886][ T8297] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.244128][ T8297] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.252128][ T8297] bridge_slave_0: entered allmulticast mode
[  192.258738][ T8297] bridge_slave_0: entered promiscuous mode
[  192.265831][ T8352] syzkaller0: entered promiscuous mode
[  192.271424][ T8352] syzkaller0: entered allmulticast mode
[  192.320122][ T8297] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.327304][ T8297] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.340328][ T8297] bridge_slave_1: entered allmulticast mode
[  192.348589][ T8297] bridge_slave_1: entered promiscuous mode
[  192.357671][ T4652] hsr_slave_0: left promiscuous mode
[  192.363480][ T4652] hsr_slave_1: left promiscuous mode
[  192.369551][ T4652] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.376994][ T4652] batman_adv: batadv0: Removing interface: batadv_slave_0
[  192.384885][ T4652] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.392333][ T4652] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.421129][ T8360] FAULT_INJECTION: forcing a failure.
[  192.421129][ T8360] name failslab, interval 1, probability 0, space 0, times 0
[  192.433846][ T8360] CPU: 1 UID: 0 PID: 8360 Comm: syz.3.1563 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  192.433874][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  192.433886][ T8360] Call Trace:
[  192.433892][ T8360]  <TASK>
[  192.433900][ T8360]  __dump_stack+0x1d/0x30
[  192.433920][ T8360]  dump_stack_lvl+0xe8/0x140
[  192.433944][ T8360]  dump_stack+0x15/0x1b
[  192.433965][ T8360]  should_fail_ex+0x265/0x280
[  192.434008][ T8360]  should_failslab+0x8c/0xb0
[  192.434041][ T8360]  kmem_cache_alloc_noprof+0x50/0x480
[  192.434069][ T8360]  ? vm_area_dup+0x33/0x2c0
[  192.434101][ T8360]  vm_area_dup+0x33/0x2c0
[  192.434130][ T8360]  dup_mmap+0x501/0xf20
[  192.434157][ T8360]  copy_mm+0x11a/0x370
[  192.434192][ T8360]  copy_process+0xd08/0x2000
[  192.434227][ T8360]  kernel_clone+0x16c/0x5c0
[  192.434257][ T8360]  __x64_sys_clone+0xe6/0x120
[  192.434302][ T8360]  x64_sys_call+0x119c/0x3000
[  192.434337][ T8360]  do_syscall_64+0xd2/0x200
[  192.434359][ T8360]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  192.434391][ T8360]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  192.434420][ T8360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.434440][ T8360] RIP: 0033:0x7fdcc5d2efc9
[  192.434457][ T8360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.434479][ T8360] RSP: 002b:00007fdcc474cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  192.434502][ T8360] RAX: ffffffffffffffda RBX: 00007fdcc5f86180 RCX: 00007fdcc5d2efc9
[  192.434517][ T8360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000060100000
[  192.434533][ T8360] RBP: 00007fdcc474d090 R08: 0000000000000000 R09: 0000000000000000
[  192.434548][ T8360] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  192.434562][ T8360] R13: 00007fdcc5f86218 R14: 00007fdcc5f86180 R15: 00007ffdddcaffe8
[  192.434585][ T8360]  </TASK>
[  192.638157][ T4652] veth1_macvtap: left promiscuous mode
[  192.643969][ T4652] veth0_macvtap: left promiscuous mode
[  192.649707][ T4652] veth1_vlan: left promiscuous mode
[  192.655158][ T4652] veth0_vlan: left promiscuous mode
[  192.907907][ T4652] team0 (unregistering): Port device team_slave_1 removed
[  192.910944][ T8364] IPv6: NLM_F_CREATE should be specified when creating new route
[  192.923280][ T4652] team0 (unregistering): Port device team_slave_0 removed
[  192.951600][   T29] kauditd_printk_skb: 106 callbacks suppressed
[  192.951624][   T29] audit: type=1400 audit(2000000150.950:4193): avc:  denied  { execute } for  pid=8365 comm="syz.1.1568" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=22947 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  193.007560][ T8369] loop4: detected capacity change from 0 to 164
[  193.015963][ T8369] Unable to read rock-ridge attributes
[  193.028954][ T8297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  193.029903][ T8369] Unable to read rock-ridge attributes
[  193.088558][ T8297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  193.127730][ T8297] team0: Port device team_slave_0 added
[  193.134471][ T8297] team0: Port device team_slave_1 added
[  193.156631][ T8297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  193.163618][ T8297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.189752][ T8297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.238001][   T10] hid_parser_main: 8 callbacks suppressed
[  193.238019][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.251281][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.258712][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.266099][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.273535][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.280988][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.288452][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.295915][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.303386][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.310817][   T10] hid-generic 0003:0003:0000.0005: unknown main item tag 0x0
[  193.320211][ T8297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.327215][ T8297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.353379][ T8297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.371844][ T8392] loop3: detected capacity change from 0 to 512
[  193.374832][   T10] hid-generic 0003:0003:0000.0005: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  193.391137][ T8392] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  193.514983][ T8383] FAULT_INJECTION: forcing a failure.
[  193.514983][ T8383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.528230][ T8383] CPU: 0 UID: 0 PID: 8383 Comm: syz.4.1574 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  193.528256][ T8383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  193.528289][ T8383] Call Trace:
[  193.528296][ T8383]  <TASK>
[  193.528353][ T8383]  __dump_stack+0x1d/0x30
[  193.528384][ T8383]  dump_stack_lvl+0xe8/0x140
[  193.528412][ T8383]  dump_stack+0x15/0x1b
[  193.528506][ T8383]  should_fail_ex+0x265/0x280
[  193.528553][ T8383]  should_fail+0xb/0x20
[  193.528569][ T8383]  should_fail_usercopy+0x1a/0x20
[  193.528594][ T8383]  _copy_to_user+0x20/0xa0
[  193.528620][ T8383]  uhid_char_read+0x291/0x3d0
[  193.528659][ T8383]  ? __pfx_uhid_char_read+0x10/0x10
[  193.528713][ T8383]  vfs_readv+0x3fb/0x690
[  193.528756][ T8383]  ? __pfx_uhid_char_read+0x10/0x10
[  193.528855][ T8383]  do_readv+0xe7/0x210
[  193.528898][ T8383]  __x64_sys_readv+0x45/0x50
[  193.528935][ T8383]  x64_sys_call+0x29fc/0x3000
[  193.528965][ T8383]  do_syscall_64+0xd2/0x200
[  193.529066][ T8383]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  193.529101][ T8383]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  193.529151][ T8383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.529176][ T8383] RIP: 0033:0x7f6737b3efc9
[  193.529196][ T8383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.529222][ T8383] RSP: 002b:00007f673659f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  193.529248][ T8383] RAX: ffffffffffffffda RBX: 00007f6737d95fa0 RCX: 00007f6737b3efc9
[  193.529321][ T8383] RDX: 0000000000000002 RSI: 0000200000000140 RDI: 0000000000000003
[  193.529399][ T8383] RBP: 00007f673659f090 R08: 0000000000000000 R09: 0000000000000000
[  193.529415][ T8383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.529431][ T8383] R13: 00007f6737d96038 R14: 00007f6737d95fa0 R15: 00007ffdfd5d1f48
[  193.529455][ T8383]  </TASK>
[  193.531619][ T8297] hsr_slave_0: entered promiscuous mode
[  193.652321][ T8398] IPv6: NLM_F_CREATE should be specified when creating new route
[  193.692085][ T8297] hsr_slave_1: entered promiscuous mode
[  193.841582][ T8297] debugfs: 'hsr0' already exists in 'hsr'
[  193.847433][ T8297] Cannot create hsr debugfs directory
[  193.862132][ T8394] lo speed is unknown, defaulting to 1000
[  194.072001][ T8402] loop4: detected capacity change from 0 to 512
[  194.143484][ T8402] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  194.163142][   T29] audit: type=1326 audit(2000000152.160:4194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.189939][ T8402] EXT4-fs (loop4): orphan cleanup on readonly fs
[  194.199211][ T8402] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.1579: corrupted inode contents
[  194.206696][   T29] audit: type=1326 audit(2000000152.160:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.234506][   T29] audit: type=1326 audit(2000000152.160:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.234740][ T8402] EXT4-fs (loop4): Remounting filesystem read-only
[  194.258053][   T29] audit: type=1326 audit(2000000152.160:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.266386][ T8402] EXT4-fs (loop4): 1 truncate cleaned up
[  194.288131][   T29] audit: type=1326 audit(2000000152.160:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.319304][   T29] audit: type=1326 audit(2000000152.160:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.342819][   T29] audit: type=1326 audit(2000000152.160:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.366202][   T29] audit: type=1326 audit(2000000152.160:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.389652][   T29] audit: type=1326 audit(2000000152.160:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8404 comm="syz.1.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f820dfbefc9 code=0x7ffc0000
[  194.413286][ T4652] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  194.424063][ T4652] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  194.450230][ T4652] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  194.461264][ T8402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.462852][ T8412] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1583'.
[  194.507363][ T8414] loop8: detected capacity change from 0 to 164
[  194.536999][ T8414] Unable to read rock-ridge attributes
[  194.550063][ T8414] Unable to read rock-ridge attributes
[  194.558579][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.611284][ T8420] loop8: detected capacity change from 0 to 764
[  194.650534][ T7821] rock: directory entry would overflow storage
[  194.656813][ T7821] rock: sig=0x4f50, size=4, remaining=3
[  194.662459][ T7821] iso9660: Corrupted directory entry in block 6 of inode 1792
[  194.676655][ T7821] Symlink component flag not implemented
[  194.682720][ T7821] iso9660: Corrupted directory entry in block 6 of inode 1792
[  194.698942][ T8428] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  194.701070][ T8297] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  194.706864][ T8428] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  194.768642][ T8297] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  194.777972][ T8297] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  194.786556][ T8430] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1592'.
[  194.819301][ T8297] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  194.882602][ T8439] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1595'.
[  194.900240][ T8297] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.923302][ T8297] 8021q: adding VLAN 0 to HW filter on device team0
[  194.959745][ T8436] loop4: detected capacity change from 0 to 8192
[  194.979706][ T8436] vfat: Unknown parameter 'À'
[  195.034673][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.041872][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.068719][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.075862][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.698195][ T8297] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.852810][ T8297] veth0_vlan: entered promiscuous mode
[  195.859712][ T8463] loop8: detected capacity change from 0 to 164
[  195.868765][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1594'.
[  195.879128][ T8463] Unable to read rock-ridge attributes
[  195.882560][ T8297] veth1_vlan: entered promiscuous mode
[  195.891937][ T8463] Unable to read rock-ridge attributes
[  195.903194][ T8436] loop4: detected capacity change from 0 to 1024
[  195.916828][ T8297] veth0_macvtap: entered promiscuous mode
[  195.930308][ T8297] veth1_macvtap: entered promiscuous mode
[  195.947682][ T8436] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  195.949705][ T8465] loop8: detected capacity change from 0 to 512
[  195.963739][ T8297] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.983116][ T8297] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.999362][ T1432] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.012645][ T8465] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  196.020721][ T1432] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.033341][ T8465] EXT4-fs (loop8): orphan cleanup on readonly fs
[  196.041705][ T8465] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.1598: corrupted inode contents
[  196.054616][ T8465] EXT4-fs (loop8): Remounting filesystem read-only
[  196.055443][ T1432] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.061817][ T8465] EXT4-fs (loop8): 1 truncate cleaned up
[  196.075959][ T3449] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.086597][ T3449] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  196.098358][ T8436] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1594: lblock 2 mapped to illegal pblock 2 (length 1)
[  196.135812][ T1432] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.161591][ T3449] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  196.173021][ T8436] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1594: lblock 0 mapped to illegal pblock 48 (length 1)
[  196.206453][ T8436] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1594: Failed to acquire dquot type 0
[  196.215149][ T8465] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.266409][ T8436] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  196.283097][ T8482] random: crng reseeded on system resumption
[  196.285736][ T8480] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  196.289728][ T8436] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1594: mark_inode_dirty error
[  196.297103][ T8480] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  196.317691][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.352355][ T8436] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  196.365119][ T8436] EXT4-fs (loop4): 1 orphan inode deleted
[  196.371782][ T8436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.384507][ T1432] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  196.400865][ T1432] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[  196.476904][ T8490] loop3: detected capacity change from 0 to 1024
[  196.484472][ T8490] EXT4-fs: Ignoring removed nobh option
[  196.490137][ T8490] EXT4-fs: Ignoring removed bh option
[  196.507490][ T8490] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  196.554175][ T8490] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.571937][ T8491] loop2: detected capacity change from 0 to 8192
[  196.578676][ T8491] vfat: Unknown parameter 'À'
[  196.606071][ T8492] loop8: detected capacity change from 0 to 512
[  196.685076][ T8492] EXT4-fs (loop8): 1 orphan inode deleted
[  196.691428][ T8492] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.704402][ T3449] EXT4-fs error (device loop8): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 1
[  196.704715][ T8492] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.847321][ T8499] lo speed is unknown, defaulting to 1000
[  196.907515][ T8492] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  196.926966][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.948501][   T31] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  196.983428][ T8503] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  196.992105][   T31] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 0
[  197.010246][ T8491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1606'.
[  197.034051][ T8491] loop2: detected capacity change from 0 to 1024
[  197.043560][ T8491] EXT4-fs (loop2): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  197.062907][ T8503] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  197.075672][ T3319] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  197.091355][ T3319] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  197.119430][ T8491] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.1606: lblock 2 mapped to illegal pblock 2 (length 1)
[  197.137331][ T3319] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  197.159448][ T8491] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.1606: lblock 0 mapped to illegal pblock 48 (length 1)
[  197.197997][ T8511] loop4: detected capacity change from 0 to 164
[  197.217646][ T8511] Unable to read rock-ridge attributes
[  197.228262][ T8491] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1606: Failed to acquire dquot type 0
[  197.228320][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.241938][ T8511] Unable to read rock-ridge attributes
[  197.254659][ T8491] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  197.269938][ T8491] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.1606: mark_inode_dirty error
[  197.283453][ T8491] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  197.295488][ T8491] EXT4-fs (loop2): 1 orphan inode deleted
[  197.301606][ T8491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.342214][   T52] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  197.378561][   T52] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0
[  197.414406][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.459170][ T8530] loop3: detected capacity change from 0 to 512
[  197.474495][ T8532] netlink: 92 bytes leftover after parsing attributes in process `gtp'.
[  197.483663][ T8532] netlink: 32 bytes leftover after parsing attributes in process `gtp'.
[  197.484224][ T8530] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  197.500965][ T8530] EXT4-fs (loop3): orphan cleanup on readonly fs
[  197.520279][ T8530] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1615: corrupted inode contents
[  197.583291][ T8535] loop8: detected capacity change from 0 to 8192
[  197.590254][ T8535] vfat: Unknown parameter 'À'
[  197.626656][ T8530] EXT4-fs (loop3): Remounting filesystem read-only
[  197.633380][ T8530] EXT4-fs (loop3): 1 truncate cleaned up
[  197.639247][   T52] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  197.649899][   T52] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  197.683910][   T52] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  197.705190][ T8530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  197.742294][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.824517][ T8541] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1623'.
[  197.965608][ T8297] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.976310][ T3449] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  198.011601][ T3449] __quota_error: 141 callbacks suppressed
[  198.011618][ T3449] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  198.025981][ T3449] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 0
[  198.047364][ T8535] loop8: detected capacity change from 0 to 1024
[  198.068104][ T8535] EXT4-fs (loop8): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  198.086265][ T8297] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  198.105707][ T8297] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  198.136696][ T8297] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  198.178407][ T8535] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 2: comm syz.8.1619: lblock 2 mapped to illegal pblock 2 (length 1)
[  198.192669][ T8548] loop3: detected capacity change from 0 to 512
[  198.204967][ T8535] Quota error (device loop8): qtree_write_dquot: dquota write failed
[  198.217738][ T8548] EXT4-fs (loop3): 1 orphan inode deleted
[  198.223803][ T8550] loop2: detected capacity change from 0 to 1024
[  198.223929][ T8548] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.230954][ T8550] EXT4-fs: Ignoring removed nobh option
[  198.248455][ T8550] EXT4-fs: Ignoring removed bh option
[  198.248549][ T8548] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.257808][ T8535] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 48: comm syz.8.1619: lblock 0 mapped to illegal pblock 48 (length 1)
[  198.264875][   T31] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  198.288101][   T31] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 1
[  198.302470][ T8548] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  198.330056][ T8535] Quota error (device loop8): v2_write_file_info: Can't write info structure
[  198.338990][ T8535] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.1619: Failed to acquire dquot type 0
[  198.339521][ T8550] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  198.360402][ T8535] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  198.370283][ T8535] EXT4-fs error (device loop8): ext4_evict_inode:254: inode #11: comm syz.8.1619: mark_inode_dirty error
[  198.382715][ T8535] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  198.395722][ T8550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.534861][ T8535] EXT4-fs (loop8): 1 orphan inode deleted
[  198.546273][ T3449] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  198.561922][ T8535] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.574185][ T3449] Quota error (device loop8): remove_tree: Can't read quota data block 1
[  198.582776][ T3449] EXT4-fs error (device loop8): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 0
[  198.708021][ T8557] lo speed is unknown, defaulting to 1000
[  199.120560][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.166243][   T29] audit: type=1326 audit(2000000157.150:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  199.189755][   T29] audit: type=1326 audit(2000000157.160:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  199.213498][   T29] audit: type=1326 audit(2000000157.160:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  199.236959][   T29] audit: type=1326 audit(2000000157.160:4321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  199.260396][   T29] audit: type=1326 audit(2000000157.160:4322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6737b3efc9 code=0x7ffc0000
[  199.286822][ T8297] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.303116][ T8563] random: crng reseeded on system resumption
[  199.327297][ T7821] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.349270][   T52] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  199.373743][   T52] EXT4-fs error (device loop8): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0
[  199.396896][ T7821] EXT4-fs error (device loop8): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  199.417729][ T7821] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  199.446897][ T7821] EXT4-fs error (device loop8): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  199.476961][ T8574] loop3: detected capacity change from 0 to 1024
[  199.484084][ T8574] EXT4-fs: Ignoring removed nobh option
[  199.489881][ T8574] EXT4-fs: Ignoring removed bh option
[  199.528760][ T8574] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  199.572875][ T8574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.591328][ T8577] loop4: detected capacity change from 0 to 8192
[  199.625438][ T8584] __nla_validate_parse: 1 callbacks suppressed
[  199.625456][ T8584] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1635'.
[  199.666447][ T8577] vfat: Unknown parameter 'À'
[  199.721172][ T8571] ==================================================================
[  199.729395][ T8571] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  199.737216][ T8571] 
[  199.739536][ T8571] write to 0xffffea0004217418 of 8 bytes by task 8577 on cpu 0:
[  199.747190][ T8571]  __filemap_remove_folio+0x1a5/0x2a0
[  199.752569][ T8571]  filemap_remove_folio+0x6d/0x1d0
[  199.757684][ T8571]  truncate_inode_folio+0x42/0x50
[  199.762721][ T8571]  shmem_undo_range+0x244/0xa80
[  199.767582][ T8571]  shmem_evict_inode+0x134/0x520
[  199.772538][ T8571]  evict+0x2e3/0x550
[  199.776428][ T8571]  iput+0x4ed/0x650
[  199.780237][ T8571]  dentry_unlink_inode+0x24f/0x260
[  199.785342][ T8571]  __dentry_kill+0x18d/0x4b0
[  199.789950][ T8571]  dput+0x5e/0xd0
[  199.793588][ T8571]  __fput+0x444/0x650
[  199.797565][ T8571]  ____fput+0x1c/0x30
[  199.801542][ T8571]  task_work_run+0x131/0x1a0
[  199.806136][ T8571]  exit_to_user_mode_loop+0xed/0x110
[  199.811425][ T8571]  do_syscall_64+0x1d6/0x200
[  199.816013][ T8571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.821909][ T8571] 
[  199.824236][ T8571] read to 0xffffea0004217418 of 8 bytes by task 8571 on cpu 1:
[  199.831794][ T8571]  folio_mapping+0xa1/0xe0
[  199.836233][ T8571]  move_folios_to_lru+0x128/0x6c0
[  199.841264][ T8571]  evict_folios+0x31d0/0x3590
[  199.845948][ T8571]  try_to_shrink_lruvec+0x5b5/0x950
[  199.851159][ T8571]  shrink_lruvec+0x22e/0x1b50
[  199.855842][ T8571]  shrink_node+0x686/0x2120
[  199.860440][ T8571]  do_try_to_free_pages+0x3f6/0xcd0
[  199.865642][ T8571]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  199.871543][ T8571]  try_charge_memcg+0x383/0xa10
[  199.876400][ T8571]  obj_cgroup_charge_pages+0xa6/0x150
[  199.881776][ T8571]  __memcg_kmem_charge_page+0x9f/0x170
[  199.887237][ T8571]  __alloc_frozen_pages_noprof+0x188/0x360
[  199.893056][ T8571]  alloc_pages_mpol+0xb3/0x260
[  199.897815][ T8571]  alloc_pages_noprof+0x90/0x130
[  199.902751][ T8571]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  199.908566][ T8571]  __kvmalloc_node_noprof+0x483/0x670
[  199.913952][ T8571]  ip_set_alloc+0x24/0x30
[  199.918287][ T8571]  hash_netiface_create+0x282/0x740
[  199.923490][ T8571]  ip_set_create+0x3cc/0x970
[  199.928164][ T8571]  nfnetlink_rcv_msg+0x4c6/0x590
[  199.933106][ T8571]  netlink_rcv_skb+0x123/0x220
[  199.937894][ T8571]  nfnetlink_rcv+0x167/0x16c0
[  199.942579][ T8571]  netlink_unicast+0x5c0/0x690
[  199.947354][ T8571]  netlink_sendmsg+0x58b/0x6b0
[  199.952127][ T8571]  __sock_sendmsg+0x145/0x180
[  199.956806][ T8571]  ____sys_sendmsg+0x31e/0x4e0
[  199.961580][ T8571]  ___sys_sendmsg+0x17b/0x1d0
[  199.966287][ T8571]  __x64_sys_sendmsg+0xd4/0x160
[  199.971147][ T8571]  x64_sys_call+0x191e/0x3000
[  199.975826][ T8571]  do_syscall_64+0xd2/0x200
[  199.980326][ T8571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.986215][ T8571] 
[  199.988533][ T8571] value changed: 0xffff888104a147c0 -> 0x0000000000000000
[  199.995637][ T8571] 
[  199.997959][ T8571] Reported by Kernel Concurrency Sanitizer on:
[  200.004107][ T8571] CPU: 1 UID: 0 PID: 8571 Comm: syz.4.1632 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  200.013824][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.024067][ T8571] ==================================================================
[  200.196365][ T8601] lo speed is unknown, defaulting to 1000
[  200.467902][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.552282][ T8603] loop2: detected capacity change from 0 to 512
[  200.569442][ T8603] EXT4-fs (loop2): 1 orphan inode deleted
[  200.575803][ T8603] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.588479][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 1
[  200.599960][ T8603] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.615733][ T8603] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  200.673831][ T8577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1632'.
[  200.688653][ T8577] loop4: detected capacity change from 0 to 1024
[  200.695820][ T8577] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  200.707906][ T8577] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1632: lblock 2 mapped to illegal pblock 2 (length 1)
[  200.723174][ T8577] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1632: lblock 0 mapped to illegal pblock 48 (length 1)
[  200.756552][ T8577] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1632: Failed to acquire dquot type 0
[  200.776405][ T8577] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  200.787032][ T8297] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.796645][ T8577] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1632: mark_inode_dirty error
[  200.808328][ T8577] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  200.818714][ T8577] EXT4-fs (loop4): 1 orphan inode deleted
[  200.824969][ T8577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.837333][   T31] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  200.852177][   T31] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 0
[  201.162109][ T8571] syz.4.1632 (8571) used greatest stack depth: 6008 bytes left
[  201.171551][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.180770][ T3449] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  201.195885][ T3449] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 0
[  201.207777][ T3319] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  201.220884][ T3319] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  201.230388][ T3319] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error