last executing test programs:

22.527209881s ago: executing program 1 (id=396):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x410, &(0x7f0000000440)={0x1, 0x1, 0x1000, 0x1fd})
unlink(&(0x7f0000000100)='./file0/file1\x00')

21.672427366s ago: executing program 1 (id=412):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040)=0x1, 0x4)
syz_init_net_socket$802154_raw(0x24, 0x4, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r1}, 0x10, &(0x7f00000003c0)={&(0x7f0000000400)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xfe, 0x2, 0x0, 0x0, "cca6f1e10194fd9304e8689818861d84be21875faed70061c5322a4ca48de2c8afc31232034c834cdc4586231d4cd7fcc6c6ad00"}, 0x48}, 0x2, 0x0, 0x0, 0x20000004}, 0x10044009)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x400000000000235, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r6], 0x1c}}, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r7, 0x2284, 0x0)
write$nci(r3, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r3, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

21.100191437s ago: executing program 1 (id=422):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = msgget$private(0x0, 0x355)
msgrcv(r1, 0x0, 0x0, 0x0, 0x2000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r3 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000021c0)='test_dummy_encryption', &(0x7f0000000180)='\t\x00\x00\x00\x00\x00\x00\x00a8\xceoc', 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00'})
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1)
getdents64(r5, &(0x7f00000000c0)=""/57, 0x39)

20.021545052s ago: executing program 1 (id=436):
unshare(0x20000400)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000a0000000500000007"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), 0x0}, 0x20)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYRESOCT=r3, @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700)={'team0\x00', <r7=>0x0})
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
fcntl$setpipe(r1, 0x407, 0x1)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@user_xattr}]}, 0x9, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD")
lchown(&(0x7f00000001c0)='./file0\x00', 0xee00, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r10}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setreuid(0xee01, 0x0)
r11 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r12 = syz_pidfd_open(r11, 0x0)
setns(r12, 0x24020000)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x15, @random="e62166ef05ef", 'vcan0\x00'}}, 0x1e)
sendmmsg(0xffffffffffffffff, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000)

19.576821411s ago: executing program 1 (id=445):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xff, 0x1c2, &(0x7f0000000f00)="$eJzs20Fr02AYB/Cns9vaKrYHT+Ih4MVTWfcJLDJBLAhKDwqC4laQRQoOCnpwvXnwS/hxvOon8biDEGnTum7LQOZsNvb7XfqQN//2Sdr0TUrz6s673e3h3uDl4FvUKpVYuZ9lcVCJVqzE3DgKVIsWAgCXwUGWxc8syybTef1rZFlWdkcAwP82n/+z9bH5HwCuiGfPXzzu9npbT5OkFpF+HvVH/fwxH+8O4m2ksRMb0YxfMTlBmMnrh496WxvJVCu+pPuz/P6of+1ovhPNaBXnO3k+OZpfjcZifjOacas4v7mYvzHPr8W9uwv5djTjx5sYRhrbMcke5j91kuTBk96x178+Xa/I+vLeHgAAADgX7eSPwuv3djtJ1iLi5Hie71b++veBY9fX1bjtP4QAUIq9Dx93X6fpzvvSiogYz5bU4uQ63xt5o8trLDljfL5Ly9yZ/1bU4zyep9pY/GitTs4eL8oGXvpiePO0oXrBsXOWohYR06KsbyRgWQ6P/rI7AQAAAAAAAAAAAAAATrOMW5fK3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArp7fAQAA//8+KIX0")
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022abd7000ffdbdf25010000000000000002410000001000136574683a64756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4000)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
sendmsg$TIPC_NL_MEDIA_GET(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="10010004", @ANYRES16=0x0, @ANYBLOB="000826bd7000fddbdf250b0000008c000180440002800800020009000000080003000300000008000200090000000800040008000000080001000200000008000100130000000800020005000000080004000500000044000400200001000a004e2400000007fe880000000000000000000000000001ff070000200002000a004e21000034a6fe8800000000000000000000000001010500000028000480040007800c000780080004007f0000001300010062726f6164636173742d6c696e6b00002400028004000400140003800800020092380000080001000700000008000100fffbffff240005800700010069620000080001006574680008000100756470000800010065746800"], 0x110}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0/../file0/../file0/../file0\x00', 0x89900)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000004c0)='./file1/file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [<r5=>0x0]}, &(0x7f0000000200)=0x8)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000001100)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200020000f8ffffffb723000008000000350885360000000085001b000100000095908e965a3f87715a797296d7bebec915565d29ead2068dc61bc01842a778b5b53cf7679b36a04e1c079ea0d1f469723bedebc274c6f0df6c30eae7d6bf5015dfa9d5aa9db0053630cbe8cd1a692d"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r9}, &(0x7f0000000000), &(0x7f00000005c0)=r10}, 0x20)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r7, @ANYBLOB="08000c0021111584a84e1c0ddf8dfe2d863cc7cd48ad3d0f29400696ab2328ab8eb8dfd1588f9a9d94715a0e2150680d81674ad24c08d7f7b4a832221b706c6cb904fd1e7dd99eaa31b374293bf1350c7168843c7be8b7bf1ef8cafc44dc27b427d90432e417acb45b21dab9402222d842cbc77c192808b06ddc5f1b447e363df2653a42d16b18b3962d0edc66cafd6d4bda16bdfbacf6de5691034d7002b7337c71e086060032e0a57e8b6a8e7cd417d86fd47635afab02deb3", @ANYRESOCT], 0xb4}}, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r3, 0x2288, &(0x7f0000000580))
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={r5, 0x6, 0x10}, &(0x7f0000000340)=0xc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)={0x100000000007, 0x4, 0x800077, 0x8, 0x6, 0x6, 0x1000, 0xf67, 0xfffffffc})
mknod$loop(&(0x7f0000000d00)='./file0\x00', 0x0, 0x1)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)

19.229138262s ago: executing program 1 (id=452):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400df7f08000a00", @ANYRES32], 0x3c}}, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0xc, 0x2, 0x803fd, 0x1, 0x800})
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000140))

19.190048025s ago: executing program 32 (id=452):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400df7f08000a00", @ANYRES32], 0x3c}}, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0xc, 0x2, 0x803fd, 0x1, 0x800})
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000140))

2.364890241s ago: executing program 0 (id=734):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000480)=0x400000001, 0x4)
socket$igmp6(0xa, 0x3, 0x3a)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000000400000099000000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e24, 0x100000, @loopback}, 0x1c)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00051400000000000000000000000800120000000200c06b6e000000000006000000000000000000000000000000e00000020000000000000000000000000000000000000000000000000000000105000500008000000a0000000000000000000000000000000000000000000001000000000000000005000600ff4700000a"], 0xa0}}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20008041, 0x0, 0x0)

2.218999484s ago: executing program 0 (id=736):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x40, 0x0, 0x9, 0x3c033, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x1, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x400000000, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000600)={[{@nogrpid}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@noquota}, {@nombcache}, {@orlov}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000001640)={0x1d, r3, 0x1, {0x2, 0xff, 0x3}, 0xff}, 0x18)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0xfffffffffffffffe, {0x0, 0xff, 0x1}, 0x2}, 0x18)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0xfffffffffffff001}, 0x18)
r7 = fsopen(&(0x7f0000000580)='binfmt_misc\x00', 0x1)
close(r7)
chdir(&(0x7f0000000100)='./bus\x00')
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b'], 0x48)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@local, 0x0, r9})
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r10, 0x890b, &(0x7f0000000140)={@mcast2, @empty, @private2, 0x0, 0x0, 0x10, 0x500, 0x4, 0xa0022})

2.218535544s ago: executing program 5 (id=737):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
write$nci(r1, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

2.176542758s ago: executing program 0 (id=738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
nanosleep(&(0x7f0000000080)={0x0, 0x3938700}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x620, 0xe0, 0x428, 0x338, 0x338, 0x338, 0x550, 0x550, 0x550, 0x550, 0x550, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe0, 0x0, {0x7a00000010000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x2, 0x1}, {0xffffffffffffffff, 0x45, 0x1}, {0xffffffffffffffff, 0x4}, 0x6, 0x7ff}}}, {{@ipv6={@mcast2, @dev={0xfe, 0x80, '\x00', 0xa}, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xffffffff, 0xff], 'macvlan0\x00', 'veth1_vlan\x00', {}, {}, 0x6, 0x1, 0x4}, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@eui64={{0x28}}, @common=@eui64={{0x28}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffff}, {}, {0x87, 0x0, 0x7}}}}, {{@uncond, 0x0, 0x100, 0x128, 0x48000000, {}, [@inet=@rpfilter={{0x28}, {0xd}}, @common=@srh={{0x30}, {0x33, 0x66, 0xf8, 0xa6, 0x9, 0x440, 0x502}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@rand_addr=0x64010100, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@srh={{0x30}, {0x62, 0x8, 0x7, 0xb, 0x30ba, 0x222}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @HL={0x28, 'HL\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x680)

1.962844756s ago: executing program 0 (id=740):
syz_init_net_socket$802154_raw(0x24, 0x4, 0x0)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x10044009)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000235, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, 0x0)
write$nci(r1, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

1.728199417s ago: executing program 2 (id=741):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = semget(0x1, 0x4, 0x39c)
semctl$IPC_RMID(r2, 0x0, 0x0)

1.374015629s ago: executing program 2 (id=742):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000240)=0x81, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='c '], 0xa)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x408, 0xffffffff, 0xffffffff, 0x408, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xffffff00, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0x23}, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'dvmrp0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x228, 0x248, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv4=@empty, [0xaaab4584fd44661c, 0xffffff00, 0x0, 0xffffff], @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}, [0xffffffff, 0xffffffff, 0xff000000, 0xffffffff], 0x4d4, 0x3506, 0xff, 0x1, 0x6, 0x9}, {@ipv4=@broadcast, [0xffffff00, 0x1fe, 0xffffff00, 0xff000000], @ipv4=@rand_addr=0x64010101, [0xff, 0x0, 0xffffff00, 0xffffff00], 0x4d5, 0x3505, 0x32, 0x0, 0x4e8535f9bc1af85f, 0x10}, {@ipv6=@loopback, [0xff000000, 0x0, 0x0, 0xff000000], @ipv4=@private=0xa010102, [0xffffff00, 0xffffff00, 0xff, 0xff000000], 0x4d6, 0x0, 0x5c, 0x1, 0x12, 0x17}, {@ipv6=@remote, [0xff000000, 0xff000000, 0xffffffff, 0xff000000], @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}, [0xff000000, 0xffffffff, 0xffffffff, 0xffffffff], 0x4d6, 0x3500, 0x5e, 0x1, 0x0, 0xf}], 0x5, 0x4}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x538)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0xc000, &(0x7f00000006c0), 0x1, 0x246, &(0x7f00000007c0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0xc020662a, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
execveat(r5, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)={[&(0x7f0000000080)='$(\x00', &(0x7f00000000c0)='\x00', &(0x7f0000000100)='#]\x00', &(0x7f0000000180)='**\'*&+&\x00', &(0x7f00000001c0)='ext4\x00', &(0x7f0000000240)='ext4\x00', &(0x7f0000000300)='&[#[#.\xb0)-\x88#!.\x00']}, &(0x7f0000000440)={[&(0x7f0000000380)='bridge\x00', &(0x7f00000003c0)='^', &(0x7f0000000400)='bridge\x00']}, 0x1000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x18)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r8, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
faccessat(r8, &(0x7f0000000000)='./file0\x00', 0x5)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x93254, 0x11b22}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x600}, 0x92)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000004c0)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000480)="af694b6283883350b964f5e32413b963b004e4d5a5de7bffc002c2ee3f7a8ec21817154594dc3f5a2dbd7627f37cf7b177b47c044f05c5156efe01a7a36ae0", 0x3f, r4}, 0x68)
listen(r5, 0x4)

1.346233831s ago: executing program 5 (id=743):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = msgget$private(0x0, 0x355)
msgrcv(r1, 0x0, 0x0, 0x0, 0x2000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1)
getdents64(r3, &(0x7f00000000c0)=""/57, 0x39)

1.284254416s ago: executing program 0 (id=744):
r0 = perf_event_open(&(0x7f0000000740)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x6b, 0x0}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x1}, 0x18)
syz_usb_connect$cdc_ncm(0x7, 0x9e, &(0x7f00000004c0)=ANY=[], 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x94, 0x7fff0000}]})
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000000)={0x18, 0x0, {0x1, @empty, 'lo\x00'}}, 0x1e)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
close(r5)
close_range(r4, 0xffffffffffffffff, 0x0)

1.188704545s ago: executing program 2 (id=746):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xff, 0x1c2, &(0x7f0000000f00)="$eJzs20Fr02AYB/Cns9vaKrYHT+Ih4MVTWfcJLDJBLAhKDwqC4laQRQoOCnpwvXnwS/hxvOon8biDEGnTum7LQOZsNvb7XfqQN//2Sdr0TUrz6s673e3h3uDl4FvUKpVYuZ9lcVCJVqzE3DgKVIsWAgCXwUGWxc8syybTef1rZFlWdkcAwP82n/+z9bH5HwCuiGfPXzzu9npbT5OkFpF+HvVH/fwxH+8O4m2ksRMb0YxfMTlBmMnrh496WxvJVCu+pPuz/P6of+1ovhPNaBXnO3k+OZpfjcZifjOacas4v7mYvzHPr8W9uwv5djTjx5sYRhrbMcke5j91kuTBk96x178+Xa/I+vLeHgAAADgX7eSPwuv3djtJ1iLi5Hie71b++veBY9fX1bjtP4QAUIq9Dx93X6fpzvvSiogYz5bU4uQ63xt5o8trLDljfL5Ly9yZ/1bU4zyep9pY/GitTs4eL8oGXvpiePO0oXrBsXOWohYR06KsbyRgWQ6P/rI7AQAAAAAAAAAAAAAATrOMW5fK3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArp7fAQAA//8+KIX0")
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, 0x0, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022abd7000ffdbdf25010000000000000002410000001000136574683a64756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
sendmsg$TIPC_NL_MEDIA_GET(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="10010004", @ANYRES16=0x0, @ANYBLOB="000826bd7000fddbdf250b0000008c000180440002800800020009000000080003000300000008000200090000000800040008000000080001000200000008000100130000000800020005000000080004000500000044000400200001000a004e2400000007fe880000000000000000000000000001ff070000200002000a004e21000034a6fe8800000000000000000000000001010500000028000480040007800c000780080004007f0000001300010062726f6164636173742d6c696e6b00002400028004000400140003800800020092380000080001000700000008000100fffbffff240005800700010069620000080001006574680008000100756470000800010065746800"], 0x110}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0/../file0/../file0/../file0\x00', 0x89900)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000004c0)='./file1/file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [<r5=>0x0]}, &(0x7f0000000200)=0x8)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000001100)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200020000f8ffffffb723000008000000350885360000000085001b000100000095908e965a3f87715a797296d7bebec915565d29ead2068dc61bc01842a778b5b53cf7679b36a04e1c079ea0d1f469723bedebc274c6f0df6c30eae7d6bf5015dfa9d5aa9db0053630cbe8cd1a692d"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r9}, &(0x7f0000000000), &(0x7f00000005c0)=r10}, 0x20)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r7, @ANYBLOB="08000c0021111584a84e1c0ddf8dfe2d863cc7cd48ad3d0f29400696ab2328ab8eb8dfd1588f9a9d94715a0e2150680d81674ad24c08d7f7b4a832221b706c6cb904fd1e7dd99eaa31b374293bf1350c7168843c7be8b7bf1ef8cafc44dc27b427d90432e417acb45b21dab9402222d842cbc77c192808b06ddc5f1b447e363df2653a42d16b18b3962d0edc66cafd6d4bda16bdfbacf6de5691034d7002b7337c71e086060032e0a57e8b6a8e7cd417d86fd47635afab02deb3", @ANYRESOCT], 0xb4}}, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r3, 0x2288, &(0x7f0000000580))
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={r5, 0x6, 0x10}, &(0x7f0000000340)=0xc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)={0x100000000007, 0x4, 0x800077, 0x8, 0x6, 0x6, 0x1000, 0xf67, 0xfffffffc})
mknod$loop(&(0x7f0000000d00)='./file0\x00', 0x0, 0x1)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)

1.041977298s ago: executing program 3 (id=749):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
modify_ldt$write2(0x11, &(0x7f0000000000)={0x2, 0x20001000, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)

957.174716ms ago: executing program 3 (id=750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
quotactl_fd$Q_SYNC(r2, 0xffffffff80000101, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) (async)
quotactl_fd$Q_SYNC(r2, 0xffffffff80000101, 0x0, 0x0) (async)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=") (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff) (async)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0) (async)

955.952296ms ago: executing program 2 (id=751):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
nanosleep(&(0x7f0000000080)={0x0, 0x3938700}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x620, 0xe0, 0x428, 0x338, 0x338, 0x338, 0x550, 0x550, 0x550, 0x550, 0x550, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe0, 0x0, {0x7a00000010000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x2, 0x1}, {0xffffffffffffffff, 0x45, 0x1}, {0xffffffffffffffff, 0x4}, 0x6, 0x7ff}}}, {{@ipv6={@mcast2, @dev={0xfe, 0x80, '\x00', 0xa}, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xffffffff, 0xff], 'macvlan0\x00', 'veth1_vlan\x00', {}, {}, 0x6, 0x1, 0x4}, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@eui64={{0x28}}, @common=@eui64={{0x28}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffff}, {}, {0x87, 0x0, 0x7}}}}, {{@uncond, 0x0, 0x100, 0x128, 0x48000000, {}, [@inet=@rpfilter={{0x28}, {0xd}}, @common=@srh={{0x30}, {0x33, 0x66, 0xf8, 0xa6, 0x9, 0x440, 0x502}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@rand_addr=0x64010100, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@srh={{0x30}, {0x62, 0x8, 0x7, 0xb, 0x30ba, 0x222}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @HL={0x28, 'HL\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x680)

838.433736ms ago: executing program 3 (id=754):
syz_init_net_socket$802154_raw(0x24, 0x4, 0x0)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xfe, 0x2, 0x0, 0x0, "cca6f1e10194fd9304e8689818861d84be21875faed70061c5322a4ca48de2c8afc31232034c834cdc4586231d4cd7fcc6c6ad00"}, 0x48}, 0x2, 0x0, 0x0, 0x20000004}, 0x10044009)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000235, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, 0x0)
write$nci(r1, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

837.770156ms ago: executing program 2 (id=755):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fedbdf251700000008000300", @ANYRES32=r2, @ANYBLOB="4800308014000400403a050c5baee2004ef2b6d713459a7a280001801c00038006000300a1aa0000060001000100000008000200020000000800010000000400050002"], 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000226ce736ece134290000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r3}, 0x3d)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r4}, 0x3d)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(&(0x7f0000000280), 0x8, 0xf9f01)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000fbffffff000000000000000085000000410000009500000000b35efcf3bf174c62f54b68f962f2c1d21a6dadfc992a0c971543d712f3a0e06f72ff07c36a9285fc4eabf595bcf8c2ebf3449e4b3fa12436ad56f4e565bcccebba9091925f697de6344dc41391afd48fd0577d60144e6f650a95e047e09b69d4125a01f7a36708266d7c6f3e4b349feceeb3c507c4a20ea4801eabda9f6ac88fc3e8a0e3816656193ddeee1a1b5cabdb41e703816203d18af2c351ce58657c74949a84b197c7ea82bd00"/212], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, 0x0, 0x0, 0x69, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x8, 0x3, 0x500, 0x0, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x430, 0xffffffff, 0xffffffff, 0x430, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xffffff00, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x4, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0x23}, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'dvmrp0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x228, 0x248, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv4=@empty, [0xaaab4584fd44661c, 0xffffff00, 0x0, 0xffffff], @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}, [0xffffffff, 0xffffffff, 0xff000000, 0xffffffff], 0x4d4, 0x3506, 0xff, 0x1, 0x6, 0x9}, {@ipv4=@broadcast, [0xffffff00, 0x1fe, 0xffffff00, 0xff000000], @ipv4=@rand_addr=0x64010101, [0xff, 0x0, 0x0, 0xffffff00], 0x4d5, 0x3505, 0x32, 0x0, 0x4e8535f9bc1af85f, 0x10}, {@ipv6=@loopback, [0xff000000, 0x0, 0x0, 0xff000000], @ipv4=@private=0xa010102, [0xffffff00, 0xffffff00, 0xff, 0xff000000], 0x4d6, 0x0, 0x5c, 0x1, 0x12, 0x17}, {@ipv6=@remote, [0xff000000, 0xff000000, 0xffffffff, 0xff000000], @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}, [0xff000000, 0xffffffff, 0xffffffff, 0xffffffff], 0x4d6, 0x3500, 0x5e, 0x1, 0x0, 0xf}], 0x5, 0x4}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x576)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r8}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})

739.390285ms ago: executing program 3 (id=756):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6600}, 0x26)

724.549996ms ago: executing program 0 (id=757):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='block_plug\x00', r0}, 0x18)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGL2TPSTATS(r1, 0x40047452, 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bind$tipc(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008030)
unshare(0x8000000)
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0)
syz_read_part_table(0x407c, &(0x7f0000008140)="$eJzs079KemEYB/BHh98ParHoAt4tAqnjnySnqGhoMAenxgoLQQzSwqWlu+mSuoCuw8AM5FSDFgTx+UzPOd/3efku7+rL00FEFHbuBr1x5BQjYjKd9osRhYioz5JC/ujwutc/v+j237aK+ZiFlb74//A4G/4tfufmWsRpioiV0fPG0Xfa8Uf83zqb/5xMfXzfyzk5bKX2cStljUa1U6mmd7VUyz7fyLJsLvmhGktZL3Wuxum+ezvs3QzS7natnNqXo1TZK6dKs1n/xWYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDKDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rZPo3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG4FAAD//xQHINw=")
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DROP_PRIVILEGES(r5, 0x4004551e, &(0x7f0000000040)=0x101)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x18)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="280000002d0001002abd70000000000008000000", @ANYRES32], 0x28}], 0x1}, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
timer_gettime(r4, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)

639.231923ms ago: executing program 4 (id=759):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0000000000000000390000000e0001006e657464657673696d0000000f0002006e657464657673f850259ff0cd67f60000000800eaff7c941f0470be5de1a1885ee7b31a789bc269c389837349327945ebb535118cc3ac8486cddc9ba717b6b3b2b7c495806c6d"], 0x3c}}, 0x0)
r2 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x8000)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x1, &(0x7f0000001080)=""/4125, &(0x7f0000000000)=0x101d)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204010, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="24000000390007010000000000000000027c0000040000000c000180060006008035"], 0x24}}, 0x0)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r6, &(0x7f00000000c0)=ANY=[], 0x20)

582.866959ms ago: executing program 2 (id=760):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet(0xa, 0x801, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

582.533329ms ago: executing program 3 (id=761):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xff, 0x1c2, &(0x7f0000000f00)="$eJzs20Fr02AYB/Cns9vaKrYHT+Ih4MVTWfcJLDJBLAhKDwqC4laQRQoOCnpwvXnwS/hxvOon8biDEGnTum7LQOZsNvb7XfqQN//2Sdr0TUrz6s673e3h3uDl4FvUKpVYuZ9lcVCJVqzE3DgKVIsWAgCXwUGWxc8syybTef1rZFlWdkcAwP82n/+z9bH5HwCuiGfPXzzu9npbT5OkFpF+HvVH/fwxH+8O4m2ksRMb0YxfMTlBmMnrh496WxvJVCu+pPuz/P6of+1ovhPNaBXnO3k+OZpfjcZifjOacas4v7mYvzHPr8W9uwv5djTjx5sYRhrbMcke5j91kuTBk96x178+Xa/I+vLeHgAAADgX7eSPwuv3djtJ1iLi5Hie71b++veBY9fX1bjtP4QAUIq9Dx93X6fpzvvSiogYz5bU4uQ63xt5o8trLDljfL5Ly9yZ/1bU4zyep9pY/GitTs4eL8oGXvpiePO0oXrBsXOWohYR06KsbyRgWQ6P/rI7AQAAAAAAAAAAAAAATrOMW5fK3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArp7fAQAA//8+KIX0")
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, 0x0, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r1)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022abd7000ffdbdf25010000000000000002410000001000136574683a64756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
sendmsg$TIPC_NL_MEDIA_GET(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="10010004", @ANYRES16=0x0, @ANYBLOB="000826bd7000fddbdf250b0000008c000180440002800800020009000000080003000300000008000200090000000800040008000000080001000200000008000100130000000800020005000000080004000500000044000400200001000a004e2400000007fe880000000000000000000000000001ff070000200002000a004e21000034a6fe8800000000000000000000000001010500000028000480040007800c000780080004007f0000001300010062726f6164636173742d6c696e6b00002400028004000400140003800800020092380000080001000700000008000100fffbffff240005800700010069620000080001006574680008000100756470000800010065746800"], 0x110}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000ac0)='./file0/../file0/../file0/../file0\x00', 0x89900)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000004c0)='./file1/file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [<r5=>0x0]}, &(0x7f0000000200)=0x8)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000001100)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200020000f8ffffffb723000008000000350885360000000085001b000100000095908e965a3f87715a797296d7bebec915565d29ead2068dc61bc01842a778b5b53cf7679b36a04e1c079ea0d1f469723bedebc274c6f0df6c30eae7d6bf5015dfa9d5aa9db0053630cbe8cd1a692d"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r9}, &(0x7f0000000000), &(0x7f00000005c0)=r10}, 0x20)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r7, @ANYBLOB="08000c0021111584a84e1c0ddf8dfe2d863cc7cd48ad3d0f29400696ab2328ab8eb8dfd1588f9a9d94715a0e2150680d81674ad24c08d7f7b4a832221b706c6cb904fd1e7dd99eaa31b374293bf1350c7168843c7be8b7bf1ef8cafc44dc27b427d90432e417acb45b21dab9402222d842cbc77c192808b06ddc5f1b447e363df2653a42d16b18b3962d0edc66cafd6d4bda16bdfbacf6de5691034d7002b7337c71e086060032e0a57e8b6a8e7cd417d86fd47635afab02deb3", @ANYRESOCT], 0xb4}}, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r3, 0x2288, &(0x7f0000000580))
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={r5, 0x6, 0x10}, &(0x7f0000000340)=0xc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)={0x100000000007, 0x4, 0x800077, 0x8, 0x6, 0x6, 0x1000, 0xf67, 0xfffffffc})
mknod$loop(&(0x7f0000000d00)='./file0\x00', 0x0, 0x1)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)

471.514228ms ago: executing program 5 (id=762):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x40, 0x0, 0x9, 0x3c033, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x1, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x400000000, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000600)={[{@nogrpid}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@noquota}, {@nombcache}, {@orlov}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000001640)={0x1d, r1, 0x1, {0x2, 0xff, 0x3}, 0xff}, 0x18)
bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0xfffffffffffffffe, {0x0, 0xff, 0x1}, 0x2}, 0x18)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0xfffffffffffff001}, 0x18)
r5 = fsopen(&(0x7f0000000580)='binfmt_misc\x00', 0x1)
close(r5)
chdir(&(0x7f0000000100)='./bus\x00')
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b'], 0x48)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@local, 0x0, r7})
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000000140)={@mcast2, @empty, @private2, 0x0, 0x0, 0x10, 0x500, 0x4, 0xa0022})

396.494855ms ago: executing program 4 (id=763):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
modify_ldt$write2(0x11, &(0x7f0000000000)={0x2, 0x20001000, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)

368.607698ms ago: executing program 4 (id=764):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = semget(0x1, 0x4, 0x39c)
semctl$IPC_RMID(r2, 0x0, 0x0)

288.931674ms ago: executing program 4 (id=765):
sendmsg$key(0xffffffffffffffff, 0x0, 0x4004844)
socket$can_raw(0x1d, 0x3, 0x1)
gettid()
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/protocols\x00')
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000100)={"bb4c32688eb9f930221287b50524bcdc", 0x0, 0x0, {0x1, 0x7}, {}, 0x9, [0x6000000000000, 0x6, 0xff8000000000000, 0x4, 0x8, 0x7, 0xb, 0xd740000000000000, 0x8000000000000001, 0x5, 0xe, 0x3, 0x9, 0x8000000000000001, 0x100000001, 0x2]})
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000000c0))
openat$ptmx(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @broadcast, 'veth0_virt_wifi\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
write$P9_RLINK(r0, &(0x7f0000000240)={0x7, 0x47, 0x2}, 0x7)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000500)=[@in={0x2, 0x4e20, @rand_addr=0x64010100}, @in6={0xa, 0x4e23, 0x4, @loopback, 0x7}, @in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e21, 0x2429, @dev={0xfe, 0x80, '\x00', 0xf}, 0x8000}, @in6={0xa, 0x6, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}, @in6={0xa, 0x4e20, 0x5, @loopback, 0x60000000}, @in6={0xa, 0x4e22, 0x64cb, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}], 0xac)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r4)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000b00)={0x30, r6, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x80)
close(r2)
connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x4, @broadcast, 'bond0\x00'}}, 0x1e)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000064000000070000000c0000000000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r7}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32=r8, @ANYBLOB="200001"], 0x38}}, 0x6404481c)
sendmsg$nl_route(r8, 0x0, 0x0)

208.250952ms ago: executing program 4 (id=766):
syz_init_net_socket$802154_raw(0x24, 0x4, 0x0)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xfe, 0x2, 0x0, 0x0, "cca6f1e10194fd9304e8689818861d84be21875faed70061c5322a4ca48de2c8afc31232034c834cdc4586231d4cd7fcc6c6ad00"}, 0x48}, 0x2, 0x0, 0x0, 0x20000004}, 0x10044009)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000235, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, 0x0)
write$nci(r1, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

197.435162ms ago: executing program 5 (id=767):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
nanosleep(&(0x7f0000000080)={0x0, 0x3938700}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x620, 0xe0, 0x428, 0x338, 0x338, 0x338, 0x550, 0x550, 0x550, 0x550, 0x550, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe0, 0x0, {0x7a00000010000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x2, 0x1}, {0xffffffffffffffff, 0x45, 0x1}, {0xffffffffffffffff, 0x4}, 0x6, 0x7ff}}}, {{@ipv6={@mcast2, @dev={0xfe, 0x80, '\x00', 0xa}, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xffffffff, 0xff], 'macvlan0\x00', 'veth1_vlan\x00', {}, {}, 0x6, 0x1, 0x4}, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@eui64={{0x28}}, @common=@eui64={{0x28}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffff}, {}, {0x87, 0x0, 0x7}}}}, {{@uncond, 0x0, 0x100, 0x128, 0x48000000, {}, [@inet=@rpfilter={{0x28}, {0xd}}, @common=@srh={{0x30}, {0x33, 0x66, 0xf8, 0xa6, 0x9, 0x440, 0x502}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@rand_addr=0x64010100, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@srh={{0x30}, {0x62, 0x8, 0x7, 0xb, 0x30ba, 0x222}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @HL={0x28, 'HL\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x680)

132.421409ms ago: executing program 3 (id=768):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r1=>0x0})
socket(0x1, 0x4, 0x8) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000ffff27bd7000f7dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="fda45d0521860000140012800c0001006d616376746170000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)

111.16674ms ago: executing program 4 (id=769):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0xd, 0x10}, {0x1, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
write$nci(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="4002040a02cd42aa3e8f8ad392daa1e781a5ab3863346680dcffeba756b384657f11e4b8bf123a23674b4108936c52bdcdf4b929ad1e4d082794734bbc37bec5be20a50f9b8986be3eb76311f5af046dfd5a4e6b18b43e20253a8a2b8e1d216b"], 0x7)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="040027bd7000fedbdf2546000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f00d20e0000000000000c009000fcffffffffffffff0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00030000000c008f0007000000000000000c009000ffffffffffffff7f0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0003000000000000000c0090000400000000000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000c008f0001000000000000000c009000ffffff7f000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f00ffffff7f000000000c009000ffffffffffffff7f"], 0x14c}, 0x1, 0x0, 0x0, 0x28005}, 0x800)

101.122861ms ago: executing program 5 (id=770):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000480)=0x400000001, 0x4)
socket$igmp6(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e24, 0x100000, @loopback}, 0x1c)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00051400000000000000000000000800120000000200c06b6e000000000006000000000000000000000000000000e00000020000000000000000000000000000000000000000000000000000000105000500008000000a0000000000000000000000000000000000000000000001000000000000000005000600ff4700000a"], 0xa0}}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20008041, 0x0, 0x0)

0s ago: executing program 5 (id=771):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl0\x00', <r2=>0x0, 0x6, 0x1, 0x0, 0x401, 0x38, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x26}, 0x40, 0x1, 0x1, 0x80000001}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'gre0\x00', &(0x7f0000000200)={'ip_vti0\x00', <r3=>0x0, 0x40, 0x7, 0x0, 0x8, {{0x8, 0x4, 0x2, 0x1, 0x20, 0x65, 0x0, 0x6, 0x29, 0x0, @multicast1, @local, {[@rr={0x7, 0xb, 0x16, [@multicast1, @private=0xa010102]}, @end]}}}}})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xa, 0x7}, {}, {0xc, 0xfff1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_EMATCHES={0x10, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40010)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000380)={'ip6tnl0\x00', <r7=>0x0, 0x2f, 0x1, 0x0, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x7, 0x40, 0x4, 0x7}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000400)={'ip6tnl0\x00', <r8=>0x0, 0x4, 0x1, 0x7, 0x7, 0x40, @empty, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x80, 0x48, 0x9, 0xfffffffc}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000540)={'syztnl1\x00', &(0x7f00000004c0)={'syztnl1\x00', <r9=>0x0, 0x2f, 0x4, 0x7, 0x4, 0x9, @empty, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x8000, 0x700, 0x40, 0xa}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r0, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x3, 0xa, &(0x7f00000005c0)=[0x0, 0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb8, &(0x7f0000000640)=[{}, {}], 0x10, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0x80, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', &(0x7f0000000880)={'syztnl2\x00', <r11=>0x0, 0x29, 0x38, 0xa, 0xfff, 0x40, @ipv4={'\x00', '\xff\xff', @broadcast}, @private1, 0x8000, 0x1, 0x7, 0x4}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
r13 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r13, &(0x7f0000000280)="bad33ca9b46645d58756d26075dabf8dd7b8", 0x12, 0x24044085, &(0x7f00000001c0)={0x11, 0x88a8, r12, 0x1, 0xd8, 0x6, @multicast}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000009c0)={'ip6_vti0\x00', &(0x7f0000000940)={'ip6_vti0\x00', <r14=>0x0, 0x4, 0x7, 0xbd, 0x1, 0x60, @ipv4={'\x00', '\xff\xff', @empty}, @mcast2, 0x7, 0x740, 0x3, 0x1}})
r15 = socket$nl_route(0x10, 0x3, 0x0)
r16 = socket$netlink(0x10, 0x3, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000100)=<r17=>0x0)
quotactl_fd$Q_SETQUOTA(r15, 0xffffffff80000801, r17, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x81, 0x0, 0x4, 0x4, 0xffffffffffffffff, 0x20007, 0x9})
r18 = socket(0x10, 0x803, 0x0)
connect$netlink(r18, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
getsockname$packet(r18, &(0x7f0000000340)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r16, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r19, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r15, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10008, {0x0, 0x0, 0x0, r19, {0x5, 0x2}, {0x0, 0xffef}, {0xfff3, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x4004000)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000000c00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a00)={0x194, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r19}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x20, 0x39, 0x9, 0x70bd2c, 0x0, {0x4}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\b\x00'}]}]}, 0x20}}, 0x0)

kernel console output (not intermixed with test programs):

4201] netlink: 'syz.1.217': attribute type 5 has an invalid length.
[   58.861756][ T4201] netlink: 'syz.1.217': attribute type 6 has an invalid length.
[   58.869506][ T4201] netlink: 3 bytes leftover after parsing attributes in process `syz.1.217'.
[   59.046300][ T4207] loop1: detected capacity change from 0 to 128
[   59.077262][ T4207] FAT-fs (loop1): Directory bread(block 32) failed
[   59.093896][ T4207] FAT-fs (loop1): Directory bread(block 33) failed
[   59.110822][ T4207] FAT-fs (loop1): Directory bread(block 34) failed
[   59.127640][ T4207] FAT-fs (loop1): Directory bread(block 35) failed
[   59.143904][ T4207] FAT-fs (loop1): Directory bread(block 36) failed
[   59.153893][ T4207] FAT-fs (loop1): Directory bread(block 37) failed
[   59.160458][ T4207] FAT-fs (loop1): Directory bread(block 38) failed
[   59.187235][ T4207] FAT-fs (loop1): Directory bread(block 39) failed
[   59.202074][ T4207] FAT-fs (loop1): Directory bread(block 40) failed
[   59.222909][ T4207] FAT-fs (loop1): Directory bread(block 41) failed
[   59.235422][ T4209] loop3: detected capacity change from 0 to 512
[   59.252138][ T4209] EXT4-fs: Ignoring removed nobh option
[   59.258110][ T4209] EXT4-fs: Ignoring removed orlov option
[   59.284610][ T4209] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   59.337367][ T4209] EXT4-fs (loop3): 1 truncate cleaned up
[   59.376765][ T4214] bond1 (unregistering): Released all slaves
[   59.384259][ T4209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.480604][ T4223] FAULT_INJECTION: forcing a failure.
[   59.480604][ T4223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.493821][ T4223] CPU: 0 UID: 0 PID: 4223 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.493847][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   59.493860][ T4223] Call Trace:
[   59.493868][ T4223]  <TASK>
[   59.493877][ T4223]  __dump_stack+0x1d/0x30
[   59.493906][ T4223]  dump_stack_lvl+0x95/0xd0
[   59.493984][ T4223]  dump_stack+0x15/0x1b
[   59.494003][ T4223]  should_fail_ex+0x265/0x280
[   59.494057][ T4223]  should_fail+0xb/0x20
[   59.494081][ T4223]  should_fail_usercopy+0x1a/0x20
[   59.494110][ T4223]  _copy_from_user+0x1c/0xb0
[   59.494193][ T4223]  ___sys_sendmsg+0xc1/0x1d0
[   59.494324][ T4223]  __x64_sys_sendmsg+0xd4/0x160
[   59.494379][ T4223]  x64_sys_call+0x17ba/0x3000
[   59.494475][ T4223]  do_syscall_64+0xca/0x2b0
[   59.494517][ T4223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.494543][ T4223] RIP: 0033:0x7ff1e7a6f749
[   59.494558][ T4223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.494575][ T4223] RSP: 002b:00007ff1e64cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.494657][ T4223] RAX: ffffffffffffffda RBX: 00007ff1e7cc5fa0 RCX: 00007ff1e7a6f749
[   59.494669][ T4223] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[   59.494681][ T4223] RBP: 00007ff1e64cf090 R08: 0000000000000000 R09: 0000000000000000
[   59.494692][ T4223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.494762][ T4223] R13: 00007ff1e7cc6038 R14: 00007ff1e7cc5fa0 R15: 00007ffc34111378
[   59.494780][ T4223]  </TASK>
[   59.499940][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.804340][ T4233] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4233 comm=syz.1.233
[   59.892694][ T4244] netlink: 8 bytes leftover after parsing attributes in process `syz.1.236'.
[   59.906844][ T4246] loop3: detected capacity change from 0 to 128
[   59.941260][ T4246] FAT-fs (loop3): Directory bread(block 32) failed
[   59.949178][ T4246] FAT-fs (loop3): Directory bread(block 33) failed
[   59.974061][ T4246] FAT-fs (loop3): Directory bread(block 34) failed
[   59.998053][ T4249] loop1: detected capacity change from 0 to 512
[   60.043989][ T4246] FAT-fs (loop3): Directory bread(block 35) failed
[   60.050805][ T4246] FAT-fs (loop3): Directory bread(block 36) failed
[   60.060372][ T4249] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.073242][ T4246] FAT-fs (loop3): Directory bread(block 37) failed
[   60.084100][ T4244] EXT4-fs error (device loop1): ext4_add_entry:2415: inode #2: comm syz.1.236: Directory hole found for htree leaf block 0
[   60.097370][ T4244] EXT4-fs (loop1): Remounting filesystem read-only
[   60.118739][ T4246] FAT-fs (loop3): Directory bread(block 38) failed
[   60.129123][ T4246] FAT-fs (loop3): Directory bread(block 39) failed
[   60.137755][ T3320] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[   60.147743][ T4246] FAT-fs (loop3): Directory bread(block 40) failed
[   60.154732][ T4246] FAT-fs (loop3): Directory bread(block 41) failed
[   60.169689][ T4257] loop1: detected capacity change from 0 to 1024
[   60.279043][ T4261] loop1: detected capacity change from 0 to 128
[   60.535707][ T4285] loop1: detected capacity change from 0 to 512
[   60.676182][ T4287] loop3: detected capacity change from 0 to 2048
[   60.762313][ T4283] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4283 comm=syz.0.246
[   60.787961][ T4287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.808025][ T4286] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   60.822830][ T4286] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28
[   60.835161][ T4286] EXT4-fs (loop3): This should not happen!! Data will be lost
[   60.835161][ T4286] 
[   60.844822][ T4286] EXT4-fs (loop3): Total free blocks count 0
[   60.850917][ T4286] EXT4-fs (loop3): Free/Dirty block details
[   60.856861][ T4286] EXT4-fs (loop3): free_blocks=2415919104
[   60.862618][ T4286] EXT4-fs (loop3): dirty_blocks=32
[   60.867792][ T4286] EXT4-fs (loop3): Block reservation details
[   60.873801][ T4286] EXT4-fs (loop3): i_reserved_data_blocks=2
[   60.889566][ T4285] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   60.942790][ T4285] EXT4-fs (loop1): mount failed
[   61.131430][ T3389] hid_parser_main: 77 callbacks suppressed
[   61.131452][ T3389] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   61.150322][ T3389] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   61.267322][ T2331] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   61.330419][ T4299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.251'.
[   61.339309][   T29] kauditd_printk_skb: 655 callbacks suppressed
[   61.339324][   T29] audit: type=1107 audit(1767523329.721:1833): pid=4297 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='s'
[   61.376397][ T4300] EXT4-fs: Ignoring removed nobh option
[   61.413845][ T4300] EXT4-fs: Ignoring removed orlov option
[   61.433804][ T4300] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.465866][ T4300] EXT4-fs (loop3): 1 truncate cleaned up
[   61.468585][ T4310] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4310 comm=syz.0.251
[   61.472591][ T4300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.519761][   T29] audit: type=1326 audit(1767523329.911:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.554998][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.570804][   T29] audit: type=1326 audit(1767523329.961:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.594070][   T29] audit: type=1326 audit(1767523329.961:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.617597][   T29] audit: type=1326 audit(1767523329.961:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.640906][   T29] audit: type=1326 audit(1767523329.961:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.664296][   T29] audit: type=1326 audit(1767523329.961:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.687738][   T29] audit: type=1326 audit(1767523329.961:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.711198][   T29] audit: type=1326 audit(1767523329.961:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.734608][   T29] audit: type=1326 audit(1767523329.961:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e7a6f749 code=0x7ffc0000
[   61.792739][ T4314] FAT-fs (loop3): Directory bread(block 32) failed
[   61.807872][ T4314] FAT-fs (loop3): Directory bread(block 33) failed
[   61.814735][ T4314] FAT-fs (loop3): Directory bread(block 34) failed
[   61.821477][ T4314] FAT-fs (loop3): Directory bread(block 35) failed
[   61.828669][ T4314] FAT-fs (loop3): Directory bread(block 36) failed
[   61.835363][ T4314] FAT-fs (loop3): Directory bread(block 37) failed
[   61.842393][ T4314] FAT-fs (loop3): Directory bread(block 38) failed
[   61.849871][ T4314] FAT-fs (loop3): Directory bread(block 39) failed
[   61.856586][ T4314] FAT-fs (loop3): Directory bread(block 40) failed
[   61.863199][ T4314] FAT-fs (loop3): Directory bread(block 41) failed
[   62.043452][ T4322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.071307][ T4322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.089188][ T4325] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.107045][ T4326] EXT4-fs (loop4): 1 orphan inode deleted
[   62.124112][ T1992] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:11: Failed to release dquot type 1
[   62.136218][ T4326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.149616][ T4325] EXT4-fs error (device loop1): ext4_add_entry:2415: inode #2: comm syz.1.259: Directory hole found for htree leaf block 0
[   62.179417][ T4325] EXT4-fs (loop1): Remounting filesystem read-only
[   62.186288][ T4325] FAULT_INJECTION: forcing a failure.
[   62.186288][ T4325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.199499][ T4325] CPU: 0 UID: 0 PID: 4325 Comm: syz.1.259 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.199609][ T4325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   62.199629][ T4325] Call Trace:
[   62.199634][ T4325]  <TASK>
[   62.199642][ T4325]  __dump_stack+0x1d/0x30
[   62.199666][ T4325]  dump_stack_lvl+0x95/0xd0
[   62.199692][ T4325]  dump_stack+0x15/0x1b
[   62.199718][ T4325]  should_fail_ex+0x265/0x280
[   62.199772][ T4325]  should_fail+0xb/0x20
[   62.199791][ T4325]  should_fail_usercopy+0x1a/0x20
[   62.199820][ T4325]  _copy_to_user+0x20/0xa0
[   62.199919][ T4325]  simple_read_from_buffer+0xb5/0x130
[   62.199995][ T4325]  proc_fail_nth_read+0x10e/0x150
[   62.200055][ T4325]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.200081][ T4325]  vfs_read+0x1a8/0x770
[   62.200098][ T4325]  ? __rcu_read_unlock+0x4f/0x70
[   62.200138][ T4325]  ? __fget_files+0x184/0x1c0
[   62.200166][ T4325]  ? mutex_lock+0x58/0x90
[   62.200200][ T4325]  ksys_read+0xda/0x1a0
[   62.200275][ T4325]  __x64_sys_read+0x40/0x50
[   62.200292][ T4325]  x64_sys_call+0x2889/0x3000
[   62.200315][ T4325]  do_syscall_64+0xca/0x2b0
[   62.200350][ T4325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.200435][ T4325] RIP: 0033:0x7ff1e7a6e15c
[   62.200454][ T4325] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   62.200472][ T4325] RSP: 002b:00007ff1e64cf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   62.200564][ T4325] RAX: ffffffffffffffda RBX: 00007ff1e7cc5fa0 RCX: 00007ff1e7a6e15c
[   62.200580][ T4325] RDX: 000000000000000f RSI: 00007ff1e64cf0a0 RDI: 0000000000000004
[   62.200596][ T4325] RBP: 00007ff1e64cf090 R08: 0000000000000000 R09: 0000000000000000
[   62.200609][ T4325] R10: 0000000000000702 R11: 0000000000000246 R12: 0000000000000001
[   62.200629][ T4325] R13: 00007ff1e7cc6038 R14: 00007ff1e7cc5fa0 R15: 00007ffc34111378
[   62.200647][ T4325]  </TASK>
[   62.202834][ T4326] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.285283][ T4336] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4336 comm=syz.0.261
[   62.421964][ T3320] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[   62.443150][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.536246][ T3934] IPVS: starting estimator thread 0...
[   62.548565][ T4345] EXT4-fs: Ignoring removed nobh option
[   62.560086][ T4345] EXT4-fs: Ignoring removed orlov option
[   62.566529][ T4345] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   62.578065][ T4345] EXT4-fs (loop4): 1 truncate cleaned up
[   62.584859][ T4345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.634325][ T4347] IPVS: using max 1632 ests per chain, 81600 per kthread
[   62.649970][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.688580][ T4355] FAULT_INJECTION: forcing a failure.
[   62.688580][ T4355] name failslab, interval 1, probability 0, space 0, times 0
[   62.701332][ T4355] CPU: 0 UID: 0 PID: 4355 Comm: syz.3.269 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.701364][ T4355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   62.701380][ T4355] Call Trace:
[   62.701389][ T4355]  <TASK>
[   62.701399][ T4355]  __dump_stack+0x1d/0x30
[   62.701440][ T4355]  dump_stack_lvl+0x95/0xd0
[   62.701463][ T4355]  dump_stack+0x15/0x1b
[   62.701512][ T4355]  should_fail_ex+0x265/0x280
[   62.701541][ T4355]  should_failslab+0x8c/0xb0
[   62.701563][ T4355]  __kmalloc_cache_noprof+0x65/0x4c0
[   62.701641][ T4355]  ? write_ldt+0x322/0x4b0
[   62.701665][ T4355]  write_ldt+0x322/0x4b0
[   62.701690][ T4355]  __se_sys_modify_ldt+0x6c/0x270
[   62.701716][ T4355]  x64_sys_call+0x2d90/0x3000
[   62.701740][ T4355]  do_syscall_64+0xca/0x2b0
[   62.701936][ T4355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.702004][ T4355] RIP: 0033:0x7fbbf456f749
[   62.702071][ T4355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.702088][ T4355] RSP: 002b:00007fbbf2fcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[   62.702107][ T4355] RAX: ffffffffffffffda RBX: 00007fbbf47c5fa0 RCX: 00007fbbf456f749
[   62.702119][ T4355] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000001
[   62.702131][ T4355] RBP: 00007fbbf2fcf090 R08: 0000000000000000 R09: 0000000000000000
[   62.702151][ T4355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.702166][ T4355] R13: 00007fbbf47c6038 R14: 00007fbbf47c5fa0 R15: 00007ffd3ec7b068
[   62.702190][ T4355]  </TASK>
[   62.912727][ T4359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.271'.
[   63.023000][ T4359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4359 comm=syz.3.271
[   63.208431][ T4378] netlink: 'syz.1.277': attribute type 13 has an invalid length.
[   63.218591][ T4377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.278'.
[   63.277036][ T4378] gretap0: refused to change device tx_queue_len
[   63.284272][ T4378] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   63.446799][ T4387] syzkaller0: entered promiscuous mode
[   63.452539][ T4387] syzkaller0: entered allmulticast mode
[   63.561324][ T4397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4397 comm=syz.1.282
[   63.654998][ T4400] netlink: 4 bytes leftover after parsing attributes in process `syz.2.284'.
[   63.655686][ T4402] netlink: 3 bytes leftover after parsing attributes in process `syz.4.285'.
[   63.835962][ T4402] 0ªX¹¦À: renamed from caif0
[   63.843355][ T4402] 0ªX¹¦À: entered allmulticast mode
[   63.848713][ T4402] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   64.008069][ T4411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4411 comm=syz.2.284
[   64.442813][ T4425] FAULT_INJECTION: forcing a failure.
[   64.442813][ T4425] name failslab, interval 1, probability 0, space 0, times 0
[   64.455812][ T4425] CPU: 0 UID: 0 PID: 4425 Comm: syz.2.291 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.455844][ T4425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.455859][ T4425] Call Trace:
[   64.455865][ T4425]  <TASK>
[   64.455872][ T4425]  __dump_stack+0x1d/0x30
[   64.455898][ T4425]  dump_stack_lvl+0x95/0xd0
[   64.455998][ T4425]  dump_stack+0x15/0x1b
[   64.456024][ T4425]  should_fail_ex+0x265/0x280
[   64.456053][ T4425]  should_failslab+0x8c/0xb0
[   64.456127][ T4425]  kmem_cache_alloc_noprof+0x69/0x4b0
[   64.456204][ T4425]  ? skb_clone+0x151/0x1f0
[   64.456313][ T4425]  skb_clone+0x151/0x1f0
[   64.456432][ T4425]  __netlink_deliver_tap+0x2c9/0x500
[   64.456479][ T4425]  netlink_unicast+0x66b/0x690
[   64.456598][ T4425]  netlink_sendmsg+0x58b/0x6b0
[   64.456657][ T4425]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.456779][ T4425]  __sock_sendmsg+0x145/0x180
[   64.456803][ T4425]  ____sys_sendmsg+0x345/0x4a0
[   64.456921][ T4425]  ___sys_sendmsg+0x17b/0x1d0
[   64.456970][ T4425]  __sys_sendmmsg+0x178/0x300
[   64.457015][ T4425]  __x64_sys_sendmmsg+0x57/0x70
[   64.457114][ T4425]  x64_sys_call+0x1e28/0x3000
[   64.457145][ T4425]  do_syscall_64+0xca/0x2b0
[   64.457228][ T4425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.457254][ T4425] RIP: 0033:0x7f9b793ef749
[   64.457272][ T4425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.457294][ T4425] RSP: 002b:00007f9b77e4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   64.457316][ T4425] RAX: ffffffffffffffda RBX: 00007f9b79645fa0 RCX: 00007f9b793ef749
[   64.457331][ T4425] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[   64.457426][ T4425] RBP: 00007f9b77e4f090 R08: 0000000000000000 R09: 0000000000000000
[   64.457441][ T4425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.457455][ T4425] R13: 00007f9b79646038 R14: 00007f9b79645fa0 R15: 00007ffe648bbd28
[   64.457499][ T4425]  </TASK>
[   64.459831][ T4427] set_capacity_and_notify: 5 callbacks suppressed
[   64.459847][ T4427] loop3: detected capacity change from 0 to 512
[   64.702084][ T4427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.723015][ T4427] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.756699][ T4427] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.292: corrupted xattr block 6: invalid header
[   64.770669][ T4427] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   64.780131][ T4427] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.292: corrupted xattr block 6: invalid header
[   64.801405][ T4427] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   64.810758][ T4427] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.292: corrupted xattr block 6: invalid header
[   64.825699][ T4427] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   64.849074][ T4442] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4442 comm=syz.4.297
[   64.862278][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.951056][ T4455] loop4: detected capacity change from 0 to 2048
[   64.973852][ T4455] EXT4-fs: Ignoring removed oldalloc option
[   64.986082][ T4455] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   65.096036][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   65.131527][ T4464] netlink: 76 bytes leftover after parsing attributes in process `syz.3.304'.
[   65.236026][ T4471] loop1: detected capacity change from 0 to 1024
[   65.299929][ T4481] FAULT_INJECTION: forcing a failure.
[   65.299929][ T4481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.313149][ T4481] CPU: 0 UID: 0 PID: 4481 Comm: syz.4.311 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.313182][ T4481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   65.313198][ T4481] Call Trace:
[   65.313207][ T4481]  <TASK>
[   65.313216][ T4481]  __dump_stack+0x1d/0x30
[   65.313278][ T4481]  dump_stack_lvl+0x95/0xd0
[   65.313306][ T4481]  dump_stack+0x15/0x1b
[   65.313326][ T4481]  should_fail_ex+0x265/0x280
[   65.313349][ T4481]  should_fail+0xb/0x20
[   65.313372][ T4481]  should_fail_usercopy+0x1a/0x20
[   65.313434][ T4481]  _copy_to_user+0x20/0xa0
[   65.313465][ T4481]  simple_read_from_buffer+0xb5/0x130
[   65.313565][ T4481]  proc_fail_nth_read+0x10e/0x150
[   65.313600][ T4481]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   65.313685][ T4481]  vfs_read+0x1a8/0x770
[   65.313784][ T4481]  ? __rcu_read_unlock+0x4f/0x70
[   65.313871][ T4481]  ? __fget_files+0x184/0x1c0
[   65.313897][ T4481]  ? mutex_lock+0x58/0x90
[   65.313933][ T4481]  ksys_read+0xda/0x1a0
[   65.314015][ T4481]  __x64_sys_read+0x40/0x50
[   65.314039][ T4481]  x64_sys_call+0x2889/0x3000
[   65.314063][ T4481]  do_syscall_64+0xca/0x2b0
[   65.314182][ T4481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.314207][ T4481] RIP: 0033:0x7f0e8454e15c
[   65.314228][ T4481] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   65.314324][ T4481] RSP: 002b:00007f0e82faf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   65.314343][ T4481] RAX: ffffffffffffffda RBX: 00007f0e847a5fa0 RCX: 00007f0e8454e15c
[   65.314355][ T4481] RDX: 000000000000000f RSI: 00007f0e82faf0a0 RDI: 0000000000000006
[   65.314386][ T4481] RBP: 00007f0e82faf090 R08: 0000000000000000 R09: 0000000000000000
[   65.314402][ T4481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.314418][ T4481] R13: 00007f0e847a6038 R14: 00007f0e847a5fa0 R15: 00007fff6dad2c18
[   65.314443][ T4481]  </TASK>
[   65.375413][ T4471] EXT4-fs: Ignoring removed bh option
[   65.426934][ T3409] IPVS: starting estimator thread 0...
[   65.539594][ T4471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.555476][ T4487] netlink: 4 bytes leftover after parsing attributes in process `syz.4.312'.
[   65.578052][ T4471] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.307: Allocating blocks 385-513 which overlap fs metadata
[   65.593944][ T4471] EXT4-fs (loop1): pa ffff888107625690: logic 16, phys. 129, len 24
[   65.601984][ T4471] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8
[   65.612631][ T4483] IPVS: using max 1968 ests per chain, 98400 per kthread
[   65.712868][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.727889][ T4501] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   65.730013][ T4499] netlink: 12 bytes leftover after parsing attributes in process `syz.2.317'.
[   65.761574][ T4499] IPVS: stopping master sync thread 4501 ...
[   65.786166][ T4503] loop1: detected capacity change from 0 to 512
[   65.829810][ T4503] EXT4-fs (loop1): 1 orphan inode deleted
[   65.845039][ T4503] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.857774][ T2730] EXT4-fs error (device loop1): ext4_release_dquot:7022: comm kworker/u8:15: Failed to release dquot type 1
[   65.876732][ T4503] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.908585][ T4513] loop2: detected capacity change from 0 to 512
[   65.930135][ T4513] EXT4-fs: Ignoring removed nobh option
[   65.938927][ T4515] loop4: detected capacity change from 0 to 512
[   65.950665][ T4513] EXT4-fs: Ignoring removed orlov option
[   65.956867][ T4513] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   65.978254][ T4513] EXT4-fs (loop2): 1 truncate cleaned up
[   65.984921][ T4513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.045118][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.058151][ T4520] netlink: 8 bytes leftover after parsing attributes in process `syz.4.325'.
[   66.120690][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.183808][ T4532] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.234365][ T4532] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.385055][ T4547] netlink: 'syz.2.333': attribute type 10 has an invalid length.
[   66.392828][ T4547] netlink: 40 bytes leftover after parsing attributes in process `syz.2.333'.
[   66.414264][   T29] kauditd_printk_skb: 785 callbacks suppressed
[   66.414344][   T29] audit: type=1326 audit(1767523334.811:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   66.474715][ T4547] program syz.2.333 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   66.483907][   T29] audit: type=1326 audit(1767523334.841:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   66.555739][   T29] audit: type=1326 audit(1767523334.911:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   66.579203][   T29] audit: type=1326 audit(1767523334.911:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0e8454f783 code=0x7ffc0000
[   66.602363][   T29] audit: type=1326 audit(1767523334.911:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f0e8454f807 code=0x7ffc0000
[   66.625758][   T29] audit: type=1326 audit(1767523334.911:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f0e84506bdd code=0x7ffc0000
[   66.649093][   T29] audit: type=1326 audit(1767523334.911:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f0e84583e89 code=0x7ffc0000
[   66.672561][   T29] audit: type=1326 audit(1767523334.911:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f0e84506c47 code=0x7ffc0000
[   66.695893][   T29] audit: type=1326 audit(1767523334.911:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   66.719311][   T29] audit: type=1326 audit(1767523334.911:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4519 comm="syz.4.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   66.888447][ T4558] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4558 comm=syz.1.334
[   67.441422][ T4568] loop4: detected capacity change from 0 to 512
[   67.469463][ T4568] EXT4-fs: Ignoring removed nobh option
[   67.488610][ T4568] EXT4-fs: Ignoring removed orlov option
[   67.504114][ T4568] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   67.536230][ T4568] EXT4-fs (loop4): 1 truncate cleaned up
[   67.542324][ T4568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.692383][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.756605][ T4578] loop1: detected capacity change from 0 to 1024
[   67.765675][ T4577] loop2: detected capacity change from 0 to 128
[   67.795191][ T4578] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.829409][ T4577] FAT-fs (loop2): Directory bread(block 32) failed
[   67.921475][ T4577] FAT-fs (loop2): Directory bread(block 33) failed
[   67.957918][ T4577] FAT-fs (loop2): Directory bread(block 34) failed
[   67.967976][ T4577] FAT-fs (loop2): Directory bread(block 35) failed
[   67.983961][ T4577] FAT-fs (loop2): Directory bread(block 36) failed
[   67.993950][ T4577] FAT-fs (loop2): Directory bread(block 37) failed
[   68.000569][ T4577] FAT-fs (loop2): Directory bread(block 38) failed
[   68.023912][ T4577] FAT-fs (loop2): Directory bread(block 39) failed
[   68.040696][ T4577] FAT-fs (loop2): Directory bread(block 40) failed
[   68.053934][ T4577] FAT-fs (loop2): Directory bread(block 41) failed
[   68.145605][ T4601] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4601 comm=syz.0.350
[   68.255710][ T4578] openvswitch: netlink: Missing key (keys=40, expected=80)
[   68.360833][ T4612] loop2: detected capacity change from 0 to 128
[   68.433945][ T4612] FAT-fs (loop2): Directory bread(block 32) failed
[   68.450681][ T4612] FAT-fs (loop2): Directory bread(block 33) failed
[   68.474574][ T4612] FAT-fs (loop2): Directory bread(block 34) failed
[   68.491455][ T4612] FAT-fs (loop2): Directory bread(block 35) failed
[   68.504519][ T4621] FAULT_INJECTION: forcing a failure.
[   68.504519][ T4621] name failslab, interval 1, probability 0, space 0, times 0
[   68.517357][ T4621] CPU: 0 UID: 0 PID: 4621 Comm: syz.4.359 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.517390][ T4621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   68.517477][ T4621] Call Trace:
[   68.517485][ T4621]  <TASK>
[   68.517493][ T4621]  __dump_stack+0x1d/0x30
[   68.517594][ T4621]  dump_stack_lvl+0x95/0xd0
[   68.517624][ T4621]  dump_stack+0x15/0x1b
[   68.517679][ T4621]  should_fail_ex+0x265/0x280
[   68.517704][ T4621]  should_failslab+0x8c/0xb0
[   68.517732][ T4621]  kmem_cache_alloc_noprof+0x69/0x4b0
[   68.517759][ T4621]  ? getname_flags+0x80/0x3b0
[   68.517832][ T4621]  getname_flags+0x80/0x3b0
[   68.517863][ T4621]  path_setxattrat+0x223/0x310
[   68.517912][ T4621]  __x64_sys_lsetxattr+0x71/0x90
[   68.517972][ T4621]  x64_sys_call+0x2ef0/0x3000
[   68.518024][ T4621]  do_syscall_64+0xca/0x2b0
[   68.518067][ T4621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.518094][ T4621] RIP: 0033:0x7f0e8454f749
[   68.518166][ T4621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.518183][ T4621] RSP: 002b:00007f0e82faf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   68.518234][ T4621] RAX: ffffffffffffffda RBX: 00007f0e847a5fa0 RCX: 00007f0e8454f749
[   68.518250][ T4621] RDX: 0000200000000980 RSI: 0000200000000940 RDI: 0000200000000900
[   68.518266][ T4621] RBP: 00007f0e82faf090 R08: 0000000000000003 R09: 0000000000000000
[   68.518278][ T4621] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[   68.518290][ T4621] R13: 00007f0e847a6038 R14: 00007f0e847a5fa0 R15: 00007fff6dad2c18
[   68.518309][ T4621]  </TASK>
[   68.602266][ T4612] FAT-fs (loop2): Directory bread(block 36) failed
[   68.694694][ T4612] FAT-fs (loop2): Directory bread(block 37) failed
[   68.701308][ T4612] FAT-fs (loop2): Directory bread(block 38) failed
[   68.763304][ T4612] FAT-fs (loop2): Directory bread(block 39) failed
[   68.780018][ T4612] FAT-fs (loop2): Directory bread(block 40) failed
[   68.794196][ T4612] FAT-fs (loop2): Directory bread(block 41) failed
[   68.816782][ T4633] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4633 comm=syz.4.361
[   68.948739][ T4637] EXT4-fs: Ignoring removed nobh option
[   68.966933][ T4637] EXT4-fs: Ignoring removed orlov option
[   68.991456][ T4637] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   69.014735][ T4637] EXT4-fs (loop1): 1 truncate cleaned up
[   69.284745][ T4643] lo speed is unknown, defaulting to 1000
[   69.755021][ T4652] No such timeout policy "syz0"
[   69.935591][ T4662] netlink: 256 bytes leftover after parsing attributes in process `syz.2.373'.
[   69.955069][ T4663] FAULT_INJECTION: forcing a failure.
[   69.955069][ T4663] name failslab, interval 1, probability 0, space 0, times 0
[   69.967822][ T4663] CPU: 0 UID: 0 PID: 4663 Comm: syz.4.374 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.967911][ T4663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   69.967927][ T4663] Call Trace:
[   69.967936][ T4663]  <TASK>
[   69.967945][ T4663]  __dump_stack+0x1d/0x30
[   69.968025][ T4663]  dump_stack_lvl+0x95/0xd0
[   69.968052][ T4663]  dump_stack+0x15/0x1b
[   69.968094][ T4663]  should_fail_ex+0x265/0x280
[   69.968119][ T4663]  should_failslab+0x8c/0xb0
[   69.968147][ T4663]  __kvmalloc_node_noprof+0x149/0x6b0
[   69.968213][ T4663]  ? rhashtable_init_noprof+0x30c/0x450
[   69.968244][ T4663]  rhashtable_init_noprof+0x30c/0x450
[   69.968278][ T4663]  rhltable_init_noprof+0x1d/0x40
[   69.968311][ T4663]  nf_tables_newtable+0x522/0xea0
[   69.968418][ T4663]  nfnetlink_rcv+0xbc9/0x16c0
[   69.968529][ T4663]  netlink_unicast+0x5c0/0x690
[   69.968566][ T4663]  netlink_sendmsg+0x58b/0x6b0
[   69.968657][ T4663]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.968710][ T4663]  __sock_sendmsg+0x145/0x180
[   69.968773][ T4663]  ____sys_sendmsg+0x31e/0x4a0
[   69.968808][ T4663]  ___sys_sendmsg+0x17b/0x1d0
[   69.968862][ T4663]  __x64_sys_sendmsg+0xd4/0x160
[   69.968917][ T4663]  x64_sys_call+0x17ba/0x3000
[   69.968997][ T4663]  do_syscall_64+0xca/0x2b0
[   69.969089][ T4663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.969116][ T4663] RIP: 0033:0x7f0e8454f749
[   69.969135][ T4663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.969235][ T4663] RSP: 002b:00007f0e82faf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.969259][ T4663] RAX: ffffffffffffffda RBX: 00007f0e847a5fa0 RCX: 00007f0e8454f749
[   69.969275][ T4663] RDX: 0000000024040050 RSI: 00002000000000c0 RDI: 0000000000000005
[   69.969290][ T4663] RBP: 00007f0e82faf090 R08: 0000000000000000 R09: 0000000000000000
[   69.969306][ T4663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   69.969321][ T4663] R13: 00007f0e847a6038 R14: 00007f0e847a5fa0 R15: 00007fff6dad2c18
[   69.969406][ T4663]  </TASK>
[   70.248414][ T4670] set_capacity_and_notify: 2 callbacks suppressed
[   70.248436][ T4670] loop2: detected capacity change from 0 to 128
[   70.291300][ T4670] FAT-fs (loop2): Directory bread(block 32) failed
[   70.317056][ T4672] loop1: detected capacity change from 0 to 512
[   70.333567][ T4670] FAT-fs (loop2): Directory bread(block 33) failed
[   70.340791][ T4670] FAT-fs (loop2): Directory bread(block 34) failed
[   70.354155][ T4672] EXT4-fs: Ignoring removed nobh option
[   70.359841][ T4672] EXT4-fs: Ignoring removed orlov option
[   70.374001][ T4670] FAT-fs (loop2): Directory bread(block 35) failed
[   70.380615][ T4670] FAT-fs (loop2): Directory bread(block 36) failed
[   70.394540][ T4672] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   70.414027][ T4670] FAT-fs (loop2): Directory bread(block 37) failed
[   70.423783][ T4670] FAT-fs (loop2): Directory bread(block 38) failed
[   70.440592][ T4672] EXT4-fs (loop1): 1 truncate cleaned up
[   70.446908][ T4670] FAT-fs (loop2): Directory bread(block 39) failed
[   70.469147][ T4677] loop4: detected capacity change from 0 to 164
[   70.485319][ T4670] FAT-fs (loop2): Directory bread(block 40) failed
[   70.503845][ T4677] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   70.513939][ T4670] FAT-fs (loop2): Directory bread(block 41) failed
[   70.542648][ T4677] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   70.564188][ T4677] Symlink component flag not implemented
[   70.569867][ T4677] Symlink component flag not implemented
[   70.583910][ T4677] Symlink component flag not implemented (7)
[   70.589950][ T4677] Symlink component flag not implemented (116)
[   70.841488][ T4694] x_tables: duplicate underflow at hook 1
[   70.950248][ T4698] loop3: detected capacity change from 0 to 1024
[   70.964820][ T4698] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.991133][ T4698] EXT4-fs: test_dummy_encryption option not supported
[   71.605360][ T4707] FAULT_INJECTION: forcing a failure.
[   71.605360][ T4707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.618519][ T4707] CPU: 1 UID: 0 PID: 4707 Comm: syz.2.388 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.618547][ T4707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   71.618563][ T4707] Call Trace:
[   71.618571][ T4707]  <TASK>
[   71.618580][ T4707]  __dump_stack+0x1d/0x30
[   71.618604][ T4707]  dump_stack_lvl+0x95/0xd0
[   71.618705][ T4707]  dump_stack+0x15/0x1b
[   71.618729][ T4707]  should_fail_ex+0x265/0x280
[   71.618758][ T4707]  should_fail+0xb/0x20
[   71.618857][ T4707]  should_fail_usercopy+0x1a/0x20
[   71.618881][ T4707]  strncpy_from_user+0x27/0x260
[   71.618984][ T4707]  getname_flags+0x230/0x3b0
[   71.619015][ T4707]  __x64_sys_symlink+0x33/0x60
[   71.619083][ T4707]  x64_sys_call+0x24a9/0x3000
[   71.619182][ T4707]  do_syscall_64+0xca/0x2b0
[   71.619216][ T4707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.619237][ T4707] RIP: 0033:0x7f9b793ef749
[   71.619323][ T4707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.619367][ T4707] RSP: 002b:00007f9b77e4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[   71.619388][ T4707] RAX: ffffffffffffffda RBX: 00007f9b79645fa0 RCX: 00007f9b793ef749
[   71.619404][ T4707] RDX: 0000000000000000 RSI: 0000200000030200 RDI: 00002000000201c0
[   71.619419][ T4707] RBP: 00007f9b77e4f090 R08: 0000000000000000 R09: 0000000000000000
[   71.619435][ T4707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.619450][ T4707] R13: 00007f9b79646038 R14: 00007f9b79645fa0 R15: 00007ffe648bbd28
[   71.619491][ T4707]  </TASK>
[   71.812365][ T3319] EXT4-fs unmount: 7 callbacks suppressed
[   71.812459][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.959596][ T4714] loop3: detected capacity change from 0 to 512
[   71.981870][ T4712] SET target dimension over the limit!
[   71.992782][ T4714] EXT4-fs: Ignoring removed nobh option
[   72.000641][ T4714] EXT4-fs: Ignoring removed orlov option
[   72.037620][ T4717] loop1: detected capacity change from 0 to 164
[   72.045611][ T4718] loop2: detected capacity change from 0 to 128
[   72.053099][ T4714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   72.069048][ T4717] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.079292][ T4718] FAT-fs (loop2): Directory bread(block 32) failed
[   72.091209][ T4714] EXT4-fs (loop3): 1 truncate cleaned up
[   72.099650][ T4717] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.116669][ T4718] FAT-fs (loop2): Directory bread(block 33) failed
[   72.117509][ T4714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.141651][ T4718] FAT-fs (loop2): Directory bread(block 34) failed
[   72.152995][ T4717] Symlink component flag not implemented
[   72.158749][ T4717] Symlink component flag not implemented
[   72.164588][ T4717] Symlink component flag not implemented (7)
[   72.170693][ T4717] Symlink component flag not implemented (116)
[   72.198078][ T4718] FAT-fs (loop2): Directory bread(block 35) failed
[   72.204725][ T4718] FAT-fs (loop2): Directory bread(block 36) failed
[   72.211362][ T4718] FAT-fs (loop2): Directory bread(block 37) failed
[   72.217975][ T4718] FAT-fs (loop2): Directory bread(block 38) failed
[   72.224643][ T4718] FAT-fs (loop2): Directory bread(block 39) failed
[   72.231253][ T4718] FAT-fs (loop2): Directory bread(block 40) failed
[   72.238165][ T4718] FAT-fs (loop2): Directory bread(block 41) failed
[   72.277871][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.335535][   T29] kauditd_printk_skb: 281 callbacks suppressed
[   72.335553][   T29] audit: type=1326 audit(1767523340.731:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.352714][ T4622] Process accounting paused
[   72.373388][ T4729] tipc: New replicast peer: 255.255.255.255
[   72.379520][ T4729] tipc: Enabled bearer <udp:s>, priority 10
[   72.431811][ T4736] netlink: 40 bytes leftover after parsing attributes in process `syz.4.399'.
[   72.432566][   T29] audit: type=1326 audit(1767523340.761:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.449547][ T4735] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.464198][   T29] audit: type=1326 audit(1767523340.761:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.486339][ T4736] syzkaller0: entered promiscuous mode
[   72.494170][   T29] audit: type=1326 audit(1767523340.761:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.499690][ T4736] syzkaller0: entered allmulticast mode
[   72.523109][   T29] audit: type=1326 audit(1767523340.761:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.523145][   T29] audit: type=1326 audit(1767523340.761:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.523170][   T29] audit: type=1326 audit(1767523340.761:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.523198][   T29] audit: type=1326 audit(1767523340.761:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.622334][   T29] audit: type=1326 audit(1767523340.761:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbbf456df90 code=0x7ffc0000
[   72.622466][ T4736] tipc: Resetting bearer <eth:syzkaller0>
[   72.645743][   T29] audit: type=1326 audit(1767523340.761:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4730 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbf456f749 code=0x7ffc0000
[   72.691095][ T4734] tipc: Resetting bearer <eth:syzkaller0>
[   72.709993][ T4734] tipc: Disabling bearer <eth:syzkaller0>
[   72.779809][ T4747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4747 comm=syz.0.402
[   72.820835][ T4759] loop4: detected capacity change from 0 to 164
[   72.832961][ T4759] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.854476][ T4759] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.863023][ T4759] Symlink component flag not implemented
[   72.868800][ T4759] Symlink component flag not implemented
[   72.875068][ T4759] Symlink component flag not implemented (7)
[   72.881095][ T4759] Symlink component flag not implemented (116)
[   72.888938][ T4759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'.
[   72.898411][ T4759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'.
[   72.908234][ T4759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'.
[   72.925132][ T4759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'.
[   72.943451][ T4772] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4772 comm=syz.0.408
[   72.971979][ T4774] loop4: detected capacity change from 0 to 128
[   72.990778][ T4774] FAT-fs (loop4): Directory bread(block 32) failed
[   72.997696][ T4774] FAT-fs (loop4): Directory bread(block 33) failed
[   73.004487][ T4774] FAT-fs (loop4): Directory bread(block 34) failed
[   73.011114][ T4774] FAT-fs (loop4): Directory bread(block 35) failed
[   73.017812][ T4774] FAT-fs (loop4): Directory bread(block 36) failed
[   73.024915][ T4774] FAT-fs (loop4): Directory bread(block 37) failed
[   73.031519][ T4774] FAT-fs (loop4): Directory bread(block 38) failed
[   73.038155][ T4774] FAT-fs (loop4): Directory bread(block 39) failed
[   73.044815][ T4774] FAT-fs (loop4): Directory bread(block 40) failed
[   73.051496][ T4774] FAT-fs (loop4): Directory bread(block 41) failed
[   73.176876][ T4784] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4784 comm=syz.1.412
[   73.306080][ T4792] loop3: detected capacity change from 0 to 512
[   73.313125][ T4792] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   73.327844][ T4792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.340744][ T4792] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.367759][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.551003][ T4808] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4808 comm=syz.3.420
[   73.805658][ T4819] EXT4-fs: Ignoring removed nomblk_io_submit option
[   73.917553][ T4819] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.942734][ T4819] EXT4-fs: test_dummy_encryption option not supported
[   73.987910][ T4828] SET target dimension over the limit!
[   74.002320][ T4830] netlink: 12 bytes leftover after parsing attributes in process `syz.4.421'.
[   74.188391][ T4838] EXT4-fs: Ignoring removed nobh option
[   74.201275][ T4838] EXT4-fs: Ignoring removed orlov option
[   74.208232][ T4838] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.228363][ T4838] EXT4-fs (loop2): 1 truncate cleaned up
[   74.234606][ T4838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.295175][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.329924][ T4850] sch_tbf: burst 22 is lower than device lo mtu (65550) !
[   74.462844][ T4854] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   74.477587][ T4854] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.491113][ T4854] FAULT_INJECTION: forcing a failure.
[   74.491113][ T4854] name failslab, interval 1, probability 0, space 0, times 0
[   74.503822][ T4854] CPU: 1 UID: 0 PID: 4854 Comm: syz.2.435 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.503850][ T4854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   74.503936][ T4854] Call Trace:
[   74.503945][ T4854]  <TASK>
[   74.503955][ T4854]  __dump_stack+0x1d/0x30
[   74.503987][ T4854]  dump_stack_lvl+0x95/0xd0
[   74.504015][ T4854]  dump_stack+0x15/0x1b
[   74.504115][ T4854]  should_fail_ex+0x265/0x280
[   74.504145][ T4854]  should_failslab+0x8c/0xb0
[   74.504174][ T4854]  __kmalloc_noprof+0xb9/0x5a0
[   74.504203][ T4854]  ? ext4_xattr_block_set+0x24f/0x1a30
[   74.504269][ T4854]  ext4_xattr_block_set+0x24f/0x1a30
[   74.504347][ T4854]  ? errseq_check+0x2c/0x50
[   74.504391][ T4854]  ext4_xattr_set_handle+0xa4f/0xe70
[   74.504496][ T4854]  ext4_initxattrs+0x62/0xc0
[   74.504529][ T4854]  security_inode_init_security+0x249/0x320
[   74.504558][ T4854]  ? __pfx_ext4_initxattrs+0x10/0x10
[   74.504628][ T4854]  ext4_init_security+0x34/0x50
[   74.504728][ T4854]  __ext4_new_inode+0x2148/0x2330
[   74.504768][ T4854]  ext4_create+0x16e/0x2f0
[   74.504800][ T4854]  ? __pfx_ext4_create+0x10/0x10
[   74.504888][ T4854]  path_openat+0x1115/0x23b0
[   74.505006][ T4854]  do_filp_open+0x109/0x230
[   74.505061][ T4854]  do_sys_openat2+0xa6/0x150
[   74.505149][ T4854]  __x64_sys_creat+0x65/0x90
[   74.505179][ T4854]  x64_sys_call+0x2f1c/0x3000
[   74.505210][ T4854]  do_syscall_64+0xca/0x2b0
[   74.505287][ T4854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.505307][ T4854] RIP: 0033:0x7f9b793ef749
[   74.505326][ T4854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.505366][ T4854] RSP: 002b:00007f9b77e4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   74.505390][ T4854] RAX: ffffffffffffffda RBX: 00007f9b79645fa0 RCX: 00007f9b793ef749
[   74.505412][ T4854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   74.505426][ T4854] RBP: 00007f9b77e4f090 R08: 0000000000000000 R09: 0000000000000000
[   74.505478][ T4854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   74.505490][ T4854] R13: 00007f9b79646038 R14: 00007f9b79645fa0 R15: 00007ffe648bbd28
[   74.505509][ T4854]  </TASK>
[   74.767810][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.783909][ T3323] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   74.806925][ T4858] netlink: 16 bytes leftover after parsing attributes in process `syz.1.436'.
[   74.819367][ T4858] netlink: 'syz.1.436': attribute type 10 has an invalid length.
[   74.838244][ T4858] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.853594][ T4858] team0: Port device bond0 added
[   74.911106][ T4858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.927226][ T4869] EXT4-fs: Ignoring removed bh option
[   74.943332][ T4858] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.954033][ T4869] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   74.981965][ T4869] EXT4-fs (loop3): 1 truncate cleaned up
[   74.992048][ T4869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.992170][ T4858] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.436: Failed to acquire dquot type 0
[   75.010487][ T4869] futex_wake_op: syz.3.438 tries to shift op by -1; fix this program
[   75.027419][ T4871] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4871 comm=syz.4.441
[   75.061718][ T4884] EXT4-fs: Ignoring removed nobh option
[   75.067648][ T4884] EXT4-fs: Ignoring removed orlov option
[   75.074426][ T4884] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   75.086863][ T4875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4875 comm=syz.2.442
[   75.101004][ T4884] EXT4-fs (loop4): 1 truncate cleaned up
[   75.107297][ T4884] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.128906][ T4888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'.
[   75.138402][ T4888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'.
[   75.156467][ T3320] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /92/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=2048, size=2048 fake=0
[   75.177145][ T4888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'.
[   75.186953][ T3320] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 12: comm syz-executor: path /92/file0: bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[   75.203963][ T4888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'.
[   75.225939][ T3320] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /92/file0: bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[   75.249451][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.264420][ T4892] set_capacity_and_notify: 6 callbacks suppressed
[   75.264439][ T4892] loop2: detected capacity change from 0 to 128
[   75.290563][ T3320] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz-executor: Failed to acquire dquot type 0
[   75.314440][ T4892] FAT-fs (loop2): Directory bread(block 32) failed
[   75.321055][ T4892] FAT-fs (loop2): Directory bread(block 33) failed
[   75.338920][ T4892] FAT-fs (loop2): Directory bread(block 34) failed
[   75.349332][ T4892] FAT-fs (loop2): Directory bread(block 35) failed
[   75.356402][ T4892] FAT-fs (loop2): Directory bread(block 36) failed
[   75.362993][ T4892] FAT-fs (loop2): Directory bread(block 37) failed
[   75.370121][ T4892] FAT-fs (loop2): Directory bread(block 38) failed
[   75.377312][ T4892] FAT-fs (loop2): Directory bread(block 39) failed
[   75.384979][ T4892] FAT-fs (loop2): Directory bread(block 40) failed
[   75.391632][ T4892] FAT-fs (loop2): Directory bread(block 41) failed
[   75.477667][ T4900] Unsupported ieee802154 address type: 0
[   75.484955][ T4900] netlink: 28 bytes leftover after parsing attributes in process `syz.2.450'.
[   75.526072][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.538425][ T2041] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.567365][ T2041] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.619121][ T2041] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.630421][ T4907] SET target dimension over the limit!
[   75.688740][ T2041] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.699407][ T4913] FAULT_INJECTION: forcing a failure.
[   75.699407][ T4913] name failslab, interval 1, probability 0, space 0, times 0
[   75.712142][ T4913] CPU: 1 UID: 0 PID: 4913 Comm: syz.2.456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.712170][ T4913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   75.712185][ T4913] Call Trace:
[   75.712192][ T4913]  <TASK>
[   75.712256][ T4913]  __dump_stack+0x1d/0x30
[   75.712287][ T4913]  dump_stack_lvl+0x95/0xd0
[   75.712314][ T4913]  dump_stack+0x15/0x1b
[   75.712339][ T4913]  should_fail_ex+0x265/0x280
[   75.712412][ T4913]  should_failslab+0x8c/0xb0
[   75.712440][ T4913]  __kmalloc_noprof+0xb9/0x5a0
[   75.712469][ T4913]  ? sock_kmalloc+0x85/0xc0
[   75.712505][ T4913]  ? terminate_walk+0x1e6/0x210
[   75.712604][ T4913]  ? iovec_from_user+0x5e/0x210
[   75.712642][ T4913]  sock_kmalloc+0x85/0xc0
[   75.712678][ T4913]  ____sys_sendmsg+0xf8/0x4a0
[   75.712779][ T4913]  ___sys_sendmsg+0x17b/0x1d0
[   75.712907][ T4913]  __x64_sys_sendmsg+0xd4/0x160
[   75.713046][ T4913]  x64_sys_call+0x17ba/0x3000
[   75.713076][ T4913]  do_syscall_64+0xca/0x2b0
[   75.713120][ T4913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.713187][ T4913] RIP: 0033:0x7f9b793ef749
[   75.713202][ T4913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.713224][ T4913] RSP: 002b:00007f9b77e4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.713247][ T4913] RAX: ffffffffffffffda RBX: 00007f9b79645fa0 RCX: 00007f9b793ef749
[   75.713262][ T4913] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[   75.713274][ T4913] RBP: 00007f9b77e4f090 R08: 0000000000000000 R09: 0000000000000000
[   75.713286][ T4913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.713300][ T4913] R13: 00007f9b79646038 R14: 00007f9b79645fa0 R15: 00007ffe648bbd28
[   75.713322][ T4913]  </TASK>
[   75.730815][ T4916] netlink: 12 bytes leftover after parsing attributes in process `syz.4.455'.
[   75.745700][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.920270][ T4923] loop3: detected capacity change from 0 to 512
[   75.938399][ T4923] EXT4-fs: Ignoring removed nobh option
[   75.944344][ T4923] EXT4-fs: Ignoring removed orlov option
[   75.950313][ T4923] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   76.001219][ T4923] EXT4-fs (loop3): 1 truncate cleaned up
[   76.031148][ T4933] loop4: detected capacity change from 0 to 128
[   76.043424][ T2041] bridge_slave_1: left allmulticast mode
[   76.049368][ T2041] bridge_slave_1: left promiscuous mode
[   76.055255][ T2041] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.064025][ T4923] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.077847][ T2041] bridge_slave_0: left allmulticast mode
[   76.083658][ T2041] bridge_slave_0: left promiscuous mode
[   76.089371][ T2041] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.119633][ T4937] loop2: detected capacity change from 0 to 128
[   76.166151][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.176090][ T4937] FAT-fs (loop2): Directory bread(block 32) failed
[   76.185705][ T4937] FAT-fs (loop2): Directory bread(block 33) failed
[   76.193049][ T4937] FAT-fs (loop2): Directory bread(block 34) failed
[   76.200207][ T4937] FAT-fs (loop2): Directory bread(block 35) failed
[   76.206864][ T4937] FAT-fs (loop2): Directory bread(block 36) failed
[   76.253860][ T4937] FAT-fs (loop2): Directory bread(block 37) failed
[   76.279814][ T4937] FAT-fs (loop2): Directory bread(block 38) failed
[   76.286556][ T4937] FAT-fs (loop2): Directory bread(block 39) failed
[   76.293352][ T4937] FAT-fs (loop2): Directory bread(block 40) failed
[   76.300291][ T4937] FAT-fs (loop2): Directory bread(block 41) failed
[   76.307063][ T2041] team0: Port device bond0 removed
[   76.314650][ T2041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.325171][ T2041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   76.336267][ T2041] bond0 (unregistering): Released all slaves
[   76.375027][ T4908] lo speed is unknown, defaulting to 1000
[   76.388791][ T4937] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   76.400165][ T4945] SET target dimension over the limit!
[   76.417459][ T4937] SELinux: failed to load policy
[   76.428890][ T4937] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   76.436534][ T4937] FAT-fs (loop2): Filesystem has been set read-only
[   76.455141][ T2041] hsr_slave_0: left promiscuous mode
[   76.467914][ T2041] hsr_slave_1: left promiscuous mode
[   76.473683][ T2041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.481150][ T2041] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.489594][ T2041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.497053][ T2041] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.519356][ T2041] veth1_macvtap: left promiscuous mode
[   76.525957][ T2041] veth0_macvtap: left promiscuous mode
[   76.531650][ T2041] veth1_vlan: left promiscuous mode
[   76.537228][ T2041] veth0_vlan: left promiscuous mode
[   76.647075][ T4977] netlink: 32 bytes leftover after parsing attributes in process `syz.3.471'.
[   76.656384][ T4976] netlink: 4 bytes leftover after parsing attributes in process `syz.3.471'.
[   76.669734][ T2041] team0 (unregistering): Port device team_slave_1 removed
[   76.697299][ T4981] loop3: detected capacity change from 0 to 2048
[   76.717963][ T4961] pimreg: entered allmulticast mode
[   76.727990][ T4981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.744387][ T4961] pimreg: left allmulticast mode
[   76.749999][ T4981] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.472: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   76.772067][ T4981] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.472: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   76.790417][ T4981] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.472: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   76.821579][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.846889][ T4987] loop2: detected capacity change from 0 to 512
[   76.857164][ T4987] EXT4-fs: Ignoring removed nobh option
[   76.886924][ T4987] EXT4-fs: Ignoring removed orlov option
[   76.892861][ T4987] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   76.904959][ T4987] EXT4-fs (loop2): 1 truncate cleaned up
[   76.907959][ T4908] chnl_net:caif_netlink_parms(): no params data found
[   76.915917][ T4987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.969249][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.016435][ T4908] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.023587][ T4908] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.031195][ T4908] bridge_slave_0: entered allmulticast mode
[   77.038004][ T4908] bridge_slave_0: entered promiscuous mode
[   77.045376][ T4908] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.052473][ T4908] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.060740][ T4908] bridge_slave_1: entered allmulticast mode
[   77.113864][ T4908] bridge_slave_1: entered promiscuous mode
[   77.129437][ T2041] IPVS: stop unused estimator thread 0...
[   77.144445][ T4908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.158514][ T4908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.176910][ T5018] SET target dimension over the limit!
[   77.188311][ T4908] team0: Port device team_slave_0 added
[   77.195700][ T4908] team0: Port device team_slave_1 added
[   77.236492][ T4908] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.243559][ T4908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.269536][ T4908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.281153][ T4908] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.288232][ T4908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.314364][ T4908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.356064][   T29] kauditd_printk_skb: 387 callbacks suppressed
[   77.356081][   T29] audit: type=1326 audit(1767523345.751:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.385735][   T29] audit: type=1326 audit(1767523345.751:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.409479][   T29] audit: type=1326 audit(1767523345.751:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.432920][   T29] audit: type=1326 audit(1767523345.751:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.456280][   T29] audit: type=1326 audit(1767523345.751:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.479597][   T29] audit: type=1326 audit(1767523345.751:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.503240][   T29] audit: type=1326 audit(1767523345.751:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.526685][   T29] audit: type=1326 audit(1767523345.751:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e8454df90 code=0x7ffc0000
[   77.550266][   T29] audit: type=1326 audit(1767523345.751:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.573674][   T29] audit: type=1326 audit(1767523345.751:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.4.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0e8454f749 code=0x7ffc0000
[   77.604020][ T4908] hsr_slave_0: entered promiscuous mode
[   77.611055][ T4908] hsr_slave_1: entered promiscuous mode
[   77.618261][ T4908] debugfs: 'hsr0' already exists in 'hsr'
[   77.624260][ T4908] Cannot create hsr debugfs directory
[   77.630507][ T5030] netlink: 8 bytes leftover after parsing attributes in process `syz.0.481'.
[   77.680292][ T5044] loop4: detected capacity change from 0 to 128
[   77.709647][ T5044] FAT-fs (loop4): Directory bread(block 32) failed
[   77.719347][ T5044] FAT-fs (loop4): Directory bread(block 33) failed
[   77.729603][ T5047] hub 2-0:1.0: USB hub found
[   77.735296][ T5047] hub 2-0:1.0: 8 ports detected
[   77.740398][ T5044] FAT-fs (loop4): Directory bread(block 34) failed
[   77.752885][ T5044] FAT-fs (loop4): Directory bread(block 35) failed
[   77.761037][ T5044] FAT-fs (loop4): Directory bread(block 36) failed
[   77.767903][ T5044] FAT-fs (loop4): Directory bread(block 37) failed
[   77.774665][ T5044] FAT-fs (loop4): Directory bread(block 38) failed
[   77.781430][ T5044] FAT-fs (loop4): Directory bread(block 39) failed
[   77.788828][ T5044] FAT-fs (loop4): Directory bread(block 40) failed
[   77.796206][ T5044] FAT-fs (loop4): Directory bread(block 41) failed
[   77.853997][ T5044] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   77.855869][ T4908] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   77.864407][ T5044] SELinux: failed to load policy
[   77.865027][ T5044] FAT-fs (loop4): error, corrupted directory (invalid entries)
[   77.883888][ T5044] FAT-fs (loop4): Filesystem has been set read-only
[   77.893544][ T4908] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   77.907071][ T5052] loop3: detected capacity change from 0 to 512
[   77.914129][ T5052] EXT4-fs: Ignoring removed nobh option
[   77.919802][ T5052] EXT4-fs: Ignoring removed orlov option
[   77.925708][ T4908] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   77.929900][ T5052] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   77.946140][ T4908] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   77.959585][ T5052] EXT4-fs (loop3): 1 truncate cleaned up
[   77.974569][ T5052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.009967][ T5058] loop4: detected capacity change from 0 to 512
[   78.045197][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.077228][ T4908] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.123346][ T5058] EXT4-fs (loop4): 1 orphan inode deleted
[   78.135272][   T37] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:2: Failed to release dquot type 1
[   78.154795][ T5058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.175426][ T4908] 8021q: adding VLAN 0 to HW filter on device team0
[   78.194437][ T5058] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.213446][  T935] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.220620][  T935] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.261192][  T935] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.268398][  T935] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.328440][ T4908] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   78.338911][ T4908] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.410261][ T4908] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.585073][ T4908] veth0_vlan: entered promiscuous mode
[   78.611326][ T4908] veth1_vlan: entered promiscuous mode
[   78.638547][ T4908] veth0_macvtap: entered promiscuous mode
[   78.646338][ T4908] veth1_macvtap: entered promiscuous mode
[   78.658566][ T4908] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.671372][ T4908] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.687739][  T935] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.701459][ T5086] netlink: 3 bytes leftover after parsing attributes in process `{/}\'.
[   78.705188][  T935] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.726412][  T935] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.739991][  T935] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.751964][ T5086] 0ªX¹¦À: renamed from caif0
[   78.769773][ T5086] 0ªX¹¦À: entered allmulticast mode
[   78.775081][ T5086] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   78.864862][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.876194][ T5131] loop3: detected capacity change from 0 to 128
[   78.907227][ T5131] FAT-fs (loop3): Directory bread(block 32) failed
[   78.935981][ T5131] FAT-fs (loop3): Directory bread(block 33) failed
[   78.942857][ T5131] FAT-fs (loop3): Directory bread(block 34) failed
[   78.950006][ T5131] FAT-fs (loop3): Directory bread(block 35) failed
[   78.957518][ T5131] FAT-fs (loop3): Directory bread(block 36) failed
[   78.964734][ T5131] FAT-fs (loop3): Directory bread(block 37) failed
[   78.971479][ T5131] FAT-fs (loop3): Directory bread(block 38) failed
[   78.978517][ T5131] FAT-fs (loop3): Directory bread(block 39) failed
[   78.985798][ T5131] FAT-fs (loop3): Directory bread(block 40) failed
[   78.992589][ T5131] FAT-fs (loop3): Directory bread(block 41) failed
[   79.006243][ T5135] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.029921][ T5135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.051692][ T5135] EXT4-fs: test_dummy_encryption option not supported
[   79.177348][ T5141] EXT4-fs: Ignoring removed nobh option
[   79.191552][ T5141] EXT4-fs: Ignoring removed orlov option
[   79.198047][ T5141] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   79.211610][ T5141] EXT4-fs (loop3): 1 truncate cleaned up
[   79.218081][ T5141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.297036][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.325665][ T5145] SET target dimension over the limit!
[   79.698153][ T5170] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.717657][ T5174] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.762152][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.791596][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.821968][ T5183] EXT4-fs: Ignoring removed nobh option
[   79.828796][ T5183] EXT4-fs: Ignoring removed orlov option
[   79.849161][ T5188] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.858156][ T5183] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   79.892794][ T5188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.908813][ T5183] EXT4-fs (loop4): 1 truncate cleaned up
[   79.917907][ T5183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.985753][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.258669][ T5220] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   80.277683][ T5220] EXT4-fs (loop4): 1 truncate cleaned up
[   80.290976][ T5220] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.362991][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.411567][ T5232] set_capacity_and_notify: 6 callbacks suppressed
[   80.411587][ T5232] loop4: detected capacity change from 0 to 128
[   80.449405][ T5232] FAT-fs (loop4): Directory bread(block 32) failed
[   80.461035][ T5232] FAT-fs (loop4): Directory bread(block 33) failed
[   80.467780][ T5232] FAT-fs (loop4): Directory bread(block 34) failed
[   80.475330][ T5232] FAT-fs (loop4): Directory bread(block 35) failed
[   80.481962][ T5232] FAT-fs (loop4): Directory bread(block 36) failed
[   80.488619][ T5232] FAT-fs (loop4): Directory bread(block 37) failed
[   80.493908][ T5231] loop2: detected capacity change from 0 to 8192
[   80.501876][ T5232] FAT-fs (loop4): Directory bread(block 38) failed
[   80.509669][ T5231] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   80.520720][ T5232] FAT-fs (loop4): Directory bread(block 39) failed
[   80.531880][ T5232] FAT-fs (loop4): Directory bread(block 40) failed
[   80.538685][ T5232] FAT-fs (loop4): Directory bread(block 41) failed
[   80.577177][ T5238] loop2: detected capacity change from 0 to 164
[   80.594286][ T5238] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.603136][ T5238] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.615856][ T5238] Symlink component flag not implemented
[   80.621567][ T5238] Symlink component flag not implemented
[   80.638307][ T5238] Symlink component flag not implemented (7)
[   80.644392][ T5238] Symlink component flag not implemented (116)
[   80.652169][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.675745][ T5238] __nla_validate_parse: 6 callbacks suppressed
[   80.675763][ T5238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.527'.
[   80.691963][ T5246] netlink: '+}[@': attribute type 13 has an invalid length.
[   80.712643][ T5238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.527'.
[   80.722395][ T5238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.527'.
[   80.780387][ T5246] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   80.796209][ T3934] lo speed is unknown, defaulting to 1000
[   80.805120][ T5174] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.817359][ T5238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.527'.
[   80.882856][ T5257] loop2: detected capacity change from 0 to 1024
[   80.892761][ T5257] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.920336][ T5257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.416593][ T5263] syz.2.533 (5263) used greatest stack depth: 7216 bytes left
[   81.428521][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.472756][ T5279] loop2: detected capacity change from 0 to 512
[   81.479530][ T5279] EXT4-fs: Ignoring removed nobh option
[   81.491367][ T5279] EXT4-fs: Ignoring removed orlov option
[   81.521358][ T5279] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   81.533202][ T5279] EXT4-fs (loop2): 1 truncate cleaned up
[   81.539609][ T5279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.588344][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.660249][ T5290] netlink: 'syz.2.542': attribute type 10 has an invalid length.
[   82.072311][ T5292] loop3: detected capacity change from 0 to 164
[   82.083456][ T5292] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.092523][ T5292] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.101051][ T5292] Symlink component flag not implemented
[   82.106822][ T5292] Symlink component flag not implemented
[   82.112891][ T5292] Symlink component flag not implemented (7)
[   82.119083][ T5292] Symlink component flag not implemented (116)
[   82.125921][ T5292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'.
[   82.135363][ T5292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'.
[   82.144479][ T5292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'.
[   82.153597][ T5292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'.
[   82.167237][ T5174] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.217286][ T5174] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.261295][ T2730] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.273460][ T2730] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.286773][ T2730] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.299195][ T2730] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.375022][   T29] kauditd_printk_skb: 361 callbacks suppressed
[   82.375041][   T29] audit: type=1326 audit(1767523350.771:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.443849][   T29] audit: type=1326 audit(1767523350.771:3679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.467275][   T29] audit: type=1326 audit(1767523350.771:3680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.490712][   T29] audit: type=1326 audit(1767523350.771:3681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.514076][   T29] audit: type=1326 audit(1767523350.771:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.537472][   T29] audit: type=1326 audit(1767523350.771:3683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.561078][   T29] audit: type=1326 audit(1767523350.771:3684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.584843][   T29] audit: type=1326 audit(1767523350.771:3685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.608315][   T29] audit: type=1326 audit(1767523350.771:3686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.631786][   T29] audit: type=1326 audit(1767523350.771:3687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   82.640359][ T5308] loop2: detected capacity change from 0 to 512
[   82.672274][ T5308] EXT4-fs: Ignoring removed nobh option
[   82.679360][ T5308] EXT4-fs: Ignoring removed orlov option
[   82.695354][ T5308] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   82.717807][ T5308] EXT4-fs (loop2): 1 truncate cleaned up
[   82.731193][ T5308] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.757426][ T5321] FAULT_INJECTION: forcing a failure.
[   82.757426][ T5321] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.770578][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.5.554 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.770610][ T5321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   82.770623][ T5321] Call Trace:
[   82.770631][ T5321]  <TASK>
[   82.770639][ T5321]  __dump_stack+0x1d/0x30
[   82.770665][ T5321]  dump_stack_lvl+0x95/0xd0
[   82.770714][ T5321]  dump_stack+0x15/0x1b
[   82.770737][ T5321]  should_fail_ex+0x265/0x280
[   82.770781][ T5321]  should_fail+0xb/0x20
[   82.770806][ T5321]  should_fail_usercopy+0x1a/0x20
[   82.770836][ T5321]  _copy_from_user+0x1c/0xb0
[   82.770909][ T5321]  get_nodes+0x104/0x290
[   82.770954][ T5321]  __se_sys_migrate_pages+0x75/0x320
[   82.770997][ T5321]  __x64_sys_migrate_pages+0x55/0x70
[   82.771036][ T5321]  x64_sys_call+0x1cb1/0x3000
[   82.771060][ T5321]  do_syscall_64+0xca/0x2b0
[   82.771099][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.771143][ T5321] RIP: 0033:0x7f29d9b9f749
[   82.771161][ T5321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.771236][ T5321] RSP: 002b:00007f29d8607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100
[   82.771270][ T5321] RAX: ffffffffffffffda RBX: 00007f29d9df5fa0 RCX: 00007f29d9b9f749
[   82.771282][ T5321] RDX: 0000000000000000 RSI: 00000000000000fc RDI: 0000000000000000
[   82.771293][ T5321] RBP: 00007f29d8607090 R08: 0000000000000000 R09: 0000000000000000
[   82.771304][ T5321] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[   82.771316][ T5321] R13: 00007f29d9df6038 R14: 00007f29d9df5fa0 R15: 00007ffe807c2968
[   82.771480][ T5321]  </TASK>
[   82.965118][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.237355][ T5341] netlink: 16 bytes leftover after parsing attributes in process `syz.2.559'.
[   83.345563][ T5349] loop2: detected capacity change from 0 to 512
[   83.358608][ T5349] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   83.359800][ T5350] netlink: 12 bytes leftover after parsing attributes in process `syz.5.561'.
[   83.381230][ T5352] loop4: detected capacity change from 0 to 164
[   83.396934][ T5349] EXT4-fs (loop2): 1 truncate cleaned up
[   83.410861][ T5350] xt_bpf: check failed: parse error
[   83.417553][ T5352] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.427653][ T5349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.475196][   T52] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   83.511940][ T5356] loop3: detected capacity change from 0 to 1024
[   83.525006][   T52] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   83.564000][ T2730] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   83.573244][ T5356] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.575064][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.594176][ T2730] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   83.611309][ T5356] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   83.658943][ T5356] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   83.676421][ T5356] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.564: lblock 2 mapped to illegal pblock 2 (length 1)
[   83.691473][ T5356] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.564: lblock 0 mapped to illegal pblock 48 (length 1)
[   83.706061][ T5356] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.564: Failed to acquire dquot type 0
[   83.723771][ T5356] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   83.733517][ T5356] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.564: mark_inode_dirty error
[   83.745056][ T5356] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   83.746816][ T5379] EXT4-fs: Ignoring removed nobh option
[   83.755491][ T5356] EXT4-fs (loop3): 1 orphan inode deleted
[   83.767316][ T5356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.780083][ T2331] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[   83.843189][ T2331] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   83.866843][ T5379] EXT4-fs: Ignoring removed orlov option
[   83.884784][ T5379] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   83.898623][ T5379] EXT4-fs (loop2): 1 truncate cleaned up
[   83.905083][ T5379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.917313][ T5356] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.937270][ T5356] EXT4-fs error (device loop3): __ext4_get_inode_loc:4830: comm syz.3.564: Invalid inode table block 1 in block_group 0
[   83.961072][ T5356] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   83.970702][ T5356] EXT4-fs error (device loop3): ext4_quota_off:7270: inode #3: comm syz.3.564: mark_inode_dirty error
[   83.996341][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.078094][ T5411] SET target dimension over the limit!
[   84.134597][ T5416] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.142694][ T5416] bridge0: port 3(bond1) entered blocking state
[   84.149101][ T5416] bridge0: port 3(bond1) entered disabled state
[   84.155746][ T5416] bond1: entered allmulticast mode
[   84.162306][ T5416] bond1: entered promiscuous mode
[   84.167827][ T5416] bridge0: port 3(bond1) entered blocking state
[   84.174159][ T5416] bridge0: port 3(bond1) entered forwarding state
[   84.604653][ T2331] bridge0: port 3(bond1) entered disabled state
[   84.807188][ T5438] syz.0.583 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   84.992728][ T5444] ip6gre0: entered promiscuous mode
[   85.001256][ T5444] team0: Device ip6gre0 is of different type
[   85.019884][ T5444] lo speed is unknown, defaulting to 1000
[   85.930530][ T5510] set_capacity_and_notify: 1 callbacks suppressed
[   85.930548][ T5510] loop3: detected capacity change from 0 to 128
[   85.956177][ T5509] loop4: detected capacity change from 0 to 512
[   85.969223][ T5510] FAT-fs (loop3): Directory bread(block 32) failed
[   85.979164][ T5509] EXT4-fs: Ignoring removed nobh option
[   85.984891][ T5510] FAT-fs (loop3): Directory bread(block 33) failed
[   85.991870][ T5513] netlink: 'syz.2.607': attribute type 142 has an invalid length.
[   85.995204][ T5509] EXT4-fs: Ignoring removed orlov option
[   85.999908][ T5510] FAT-fs (loop3): Directory bread(block 34) failed
[   86.019668][ T5514] __nla_validate_parse: 16 callbacks suppressed
[   86.019686][ T5514] netlink: 28 bytes leftover after parsing attributes in process `syz.5.606'.
[   86.032983][ T5509] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   86.034958][ T5514] netlink: 28 bytes leftover after parsing attributes in process `syz.5.606'.
[   86.053907][ T5510] FAT-fs (loop3): Directory bread(block 35) failed
[   86.062747][ T5510] FAT-fs (loop3): Directory bread(block 36) failed
[   86.070088][ T5510] FAT-fs (loop3): Directory bread(block 37) failed
[   86.070185][ T5518] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5518 comm=syz.2.607
[   86.078324][ T5510] FAT-fs (loop3): Directory bread(block 38) failed
[   86.095721][ T5509] EXT4-fs (loop4): 1 truncate cleaned up
[   86.101848][ T5509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.113995][ T5510] FAT-fs (loop3): Directory bread(block 39) failed
[   86.124250][ T5510] FAT-fs (loop3): Directory bread(block 40) failed
[   86.124282][ T5517] netlink: 28 bytes leftover after parsing attributes in process `syz.5.606'.
[   86.130797][ T5510] FAT-fs (loop3): Directory bread(block 41) failed
[   86.139690][ T5517] netlink: 28 bytes leftover after parsing attributes in process `syz.5.606'.
[   86.195897][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.231255][ T5510] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   86.242390][ T5526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[   86.252443][ T5526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[   86.258824][ T5511] Process accounting resumed
[   86.262376][ T5526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[   86.275040][ T5510] SELinux: failed to load policy
[   86.284657][ T5510] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   86.292370][ T5510] FAT-fs (loop3): Filesystem has been set read-only
[   86.307384][ T5526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[   86.319101][ T5531] netlink: 'syz.2.612': attribute type 3 has an invalid length.
[   86.328472][ T5531] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=5531 comm=syz.2.612
[   86.375292][ T5531] loop2: detected capacity change from 0 to 764
[   86.385605][ T5531] rock: directory entry would overflow storage
[   86.391819][ T5531] rock: sig=0x5245, size=8, remaining=5
[   86.442332][ T5545] openvswitch: netlink: Missing key (keys=40, expected=100)
[   86.466082][ T5545] lo speed is unknown, defaulting to 1000
[   86.547586][ T5554] loop3: detected capacity change from 0 to 512
[   86.572247][ T5554] EXT4-fs (loop3): 1 orphan inode deleted
[   86.579622][ T5554] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.592461][ T2331] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 1
[   86.604855][ T5554] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.642578][ T5556] loop5: detected capacity change from 0 to 512
[   86.672658][ T5556] EXT4-fs: Ignoring removed nobh option
[   86.696248][ T5556] EXT4-fs: Ignoring removed orlov option
[   86.708395][ T5565] loop4: detected capacity change from 0 to 128
[   86.716021][ T5556] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   86.735401][ T5565] FAT-fs (loop4): Directory bread(block 32) failed
[   86.742186][ T5565] FAT-fs (loop4): Directory bread(block 33) failed
[   86.752206][ T5565] FAT-fs (loop4): Directory bread(block 34) failed
[   86.766237][ T5556] EXT4-fs (loop5): 1 truncate cleaned up
[   86.768763][ T5565] FAT-fs (loop4): Directory bread(block 35) failed
[   86.776549][ T5556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.790821][ T5565] FAT-fs (loop4): Directory bread(block 36) failed
[   86.799039][ T5565] FAT-fs (loop4): Directory bread(block 37) failed
[   86.812724][ T5565] FAT-fs (loop4): Directory bread(block 38) failed
[   86.819575][ T5565] FAT-fs (loop4): Directory bread(block 39) failed
[   86.827072][ T5565] FAT-fs (loop4): Directory bread(block 40) failed
[   86.833643][ T5565] FAT-fs (loop4): Directory bread(block 41) failed
[   86.859833][ T5569] loop2: detected capacity change from 0 to 128
[   86.894938][ T4908] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.994639][ T5576] netlink: 'syz.4.627': attribute type 3 has an invalid length.
[   87.002950][ T5576] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=5576 comm=syz.4.627
[   87.020094][ T5576] loop4: detected capacity change from 0 to 764
[   87.027506][ T5576] rock: directory entry would overflow storage
[   87.033761][ T5576] rock: sig=0x5245, size=8, remaining=5
[   87.060097][ T5579] program syz.4.628 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.192173][ T5602] SET target dimension over the limit!
[   87.217549][ T5599] IPv6: Can't replace route, no match found
[   87.227666][ T5606] loop2: detected capacity change from 0 to 512
[   87.238907][ T5606] EXT4-fs: Ignoring removed nobh option
[   87.245055][ T5606] EXT4-fs: Ignoring removed orlov option
[   87.251120][ T5606] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   87.263784][ T5606] EXT4-fs (loop2): 1 truncate cleaned up
[   87.273770][ T5606] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.318179][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.379471][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.391149][ T5614] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=5614 comm=syz.0.639
[   87.585017][   T29] kauditd_printk_skb: 522 callbacks suppressed
[   87.585033][   T29] audit: type=1400 audit(1767523355.981:4206): avc:  denied  { block_suspend } for  pid=5619 comm="syz.2.641" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   88.009199][   T29] audit: type=1326 audit(1767523356.401:4207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.074068][   T29] audit: type=1326 audit(1767523356.431:4208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.097696][   T29] audit: type=1326 audit(1767523356.431:4209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.121151][   T29] audit: type=1326 audit(1767523356.431:4210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.144681][   T29] audit: type=1326 audit(1767523356.431:4211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.168238][   T29] audit: type=1326 audit(1767523356.431:4212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.192054][   T29] audit: type=1326 audit(1767523356.431:4213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.215497][   T29] audit: type=1326 audit(1767523356.431:4214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.238934][   T29] audit: type=1326 audit(1767523356.431:4215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcf548f749 code=0x7ffc0000
[   88.335480][ T5643] loop3: detected capacity change from 0 to 128
[   88.359301][ T5647] SET target dimension over the limit!
[   88.376199][ T5643] FAT-fs (loop3): Directory bread(block 32) failed
[   88.382795][ T5643] FAT-fs (loop3): Directory bread(block 33) failed
[   88.409663][ T5643] FAT-fs (loop3): Directory bread(block 34) failed
[   88.453969][ T5656] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   88.460547][ T5656] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   88.468153][ T5656] vhci_hcd vhci_hcd.0: Device attached
[   88.485441][ T5643] FAT-fs (loop3): Directory bread(block 35) failed
[   88.495519][ T5643] FAT-fs (loop3): Directory bread(block 36) failed
[   88.495568][ T5652] EXT4-fs (loop5): 1 orphan inode deleted
[   88.496721][ T5652] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.505781][ T5643] FAT-fs (loop3): Directory bread(block 37) failed
[   88.529971][ T2331] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 1
[   88.548325][ T5652] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.563560][ T5643] FAT-fs (loop3): Directory bread(block 38) failed
[   88.570395][ T5643] FAT-fs (loop3): Directory bread(block 39) failed
[   88.577436][ T5657] vhci_hcd: connection closed
[   88.577638][ T5643] FAT-fs (loop3): Directory bread(block 40) failed
[   88.577686][ T2331] vhci_hcd vhci_hcd.4: stop threads
[   88.577702][ T2331] vhci_hcd vhci_hcd.4: release socket
[   88.577724][ T2331] vhci_hcd vhci_hcd.4: disconnect device
[   88.606014][ T5643] FAT-fs (loop3): Directory bread(block 41) failed
[   88.738947][ T5688] FAULT_INJECTION: forcing a failure.
[   88.738947][ T5688] name failslab, interval 1, probability 0, space 0, times 0
[   88.751726][ T5688] CPU: 0 UID: 0 PID: 5688 Comm: syz.3.660 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.751759][ T5688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   88.751775][ T5688] Call Trace:
[   88.751782][ T2730] Bluetooth: hci0: Frame reassembly failed (-84)
[   88.751842][ T5688]  <TASK>
[   88.751875][ T5688]  __dump_stack+0x1d/0x30
[   88.751991][ T5688]  dump_stack_lvl+0x95/0xd0
[   88.752068][ T5688]  dump_stack+0x15/0x1b
[   88.752197][ T5688]  should_fail_ex+0x265/0x280
[   88.752279][ T5688]  should_failslab+0x8c/0xb0
[   88.752354][ T5688]  kmem_cache_alloc_noprof+0x69/0x4b0
[   88.752428][ T5688]  ? skb_clone+0x151/0x1f0
[   88.752572][ T5688]  skb_clone+0x151/0x1f0
[   88.752666][ T5688]  __netlink_deliver_tap+0x2c9/0x500
[   88.752785][ T5688]  netlink_unicast+0x66b/0x690
[   88.752947][ T5688]  netlink_sendmsg+0x58b/0x6b0
[   88.753057][ T5688]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.753175][ T5688]  __sock_sendmsg+0x145/0x180
[   88.753244][ T5688]  ____sys_sendmsg+0x31e/0x4a0
[   88.753379][ T5688]  ___sys_sendmsg+0x17b/0x1d0
[   88.753559][ T5688]  __x64_sys_sendmsg+0xd4/0x160
[   88.753668][ T5688]  x64_sys_call+0x17ba/0x3000
[   88.753851][ T5688]  do_syscall_64+0xca/0x2b0
[   88.753961][ T5688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.754028][ T5688] RIP: 0033:0x7fbbf456f749
[   88.754080][ T5688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.754143][ T5688] RSP: 002b:00007fbbf2fcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.754206][ T5688] RAX: ffffffffffffffda RBX: 00007fbbf47c5fa0 RCX: 00007fbbf456f749
[   88.754253][ T5688] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[   88.754295][ T5688] RBP: 00007fbbf2fcf090 R08: 0000000000000000 R09: 0000000000000000
[   88.754336][ T5688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.754371][ T5688] R13: 00007fbbf47c6038 R14: 00007fbbf47c5fa0 R15: 00007ffd3ec7b068
[   88.754473][ T5688]  </TASK>
[   88.963244][ T5694] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.970782][ T5697] EXT4-fs: Ignoring removed nobh option
[   88.981524][ T5697] EXT4-fs: Ignoring removed orlov option
[   88.990445][ T5697] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.002893][ T5697] EXT4-fs (loop3): 1 truncate cleaned up
[   89.009230][ T5697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.023812][ T5694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.075961][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.110146][ T5713] mmap: syz.4.664 (5713) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   89.195106][ T5721] SET target dimension over the limit!
[   89.279689][ T4908] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.653990][ T5757] SET target dimension over the limit!
[   89.768831][ T5762] EXT4-fs (loop2): 1 orphan inode deleted
[   89.776612][ T5762] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.787274][ T2041] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:12: Failed to release dquot type 1
[   90.255755][ T5752] FAULT_INJECTION: forcing a failure.
[   90.255755][ T5752] name fail_futex, interval 1, probability 0, space 0, times 1
[   90.257440][ T5814] SET target dimension over the limit!
[   90.268620][ T5752] CPU: 1 UID: 0 PID: 5752 Comm: syz.5.672 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.268764][ T5752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   90.268817][ T5752] Call Trace:
[   90.268843][ T5752]  <TASK>
[   90.268872][ T5752]  __dump_stack+0x1d/0x30
[   90.269017][ T5752]  dump_stack_lvl+0x95/0xd0
[   90.269094][ T5752]  dump_stack+0x15/0x1b
[   90.269163][ T5752]  should_fail_ex+0x265/0x280
[   90.269236][ T5752]  should_fail+0xb/0x20
[   90.269379][ T5752]  get_futex_key+0x130/0xc00
[   90.269482][ T5752]  futex_wake+0x7d/0x360
[   90.269629][ T5752]  ? perf_lock_task_context+0x260/0x2d0
[   90.269733][ T5752]  do_futex+0x323/0x380
[   90.269844][ T5752]  mm_release+0xa1/0x190
[   90.269893][ T5752]  exit_mm_release+0x25/0x30
[   90.269952][ T5752]  exit_mm+0x38/0x180
[   90.270026][ T5752]  do_exit+0x3fb/0x1590
[   90.270237][ T5752]  do_group_exit+0xff/0x140
[   90.270323][ T5752]  ? get_signal+0xe50/0xf70
[   90.270409][ T5752]  get_signal+0xe58/0xf70
[   90.270512][ T5752]  ? do_recvmmsg+0x4e6/0x540
[   90.270617][ T5752]  arch_do_signal_or_restart+0x96/0x450
[   90.270725][ T5752]  exit_to_user_mode_loop+0x6a/0x740
[   90.270834][ T5752]  ? __x64_sys_recvmmsg+0xe5/0x170
[   90.270937][ T5752]  do_syscall_64+0x1e1/0x2b0
[   90.271143][ T5752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.271213][ T5752] RIP: 0033:0x7f29d9b9f749
[   90.271344][ T5752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.271403][ T5752] RSP: 002b:00007f29d85e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   90.271464][ T5752] RAX: fffffffffffffe00 RBX: 00007f29d9df6090 RCX: 00007f29d9b9f749
[   90.271513][ T5752] RDX: 0000000000000001 RSI: 0000200000000600 RDI: 0000000000000003
[   90.271554][ T5752] RBP: 00007f29d85e6090 R08: 0000000000000000 R09: 0000000000000000
[   90.271597][ T5752] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   90.271648][ T5752] R13: 00007f29d9df6128 R14: 00007f29d9df6090 R15: 00007ffe807c2968
[   90.271710][ T5752]  </TASK>
[   90.398716][ T5813] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.611854][ T5846] ext4 filesystem being mounted at /135/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   90.763782][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   90.763894][ T3521] Bluetooth: hci0: command 0x1003 tx timeout
[   91.302153][ T5871] set_capacity_and_notify: 6 callbacks suppressed
[   91.302172][ T5871] loop4: detected capacity change from 0 to 512
[   91.351547][ T5876] Cannot find add_set index 0 as target
[   91.369237][ T5880] SET target dimension over the limit!
[   91.376211][ T5871] EXT4-fs (loop4): 1 orphan inode deleted
[   91.387640][ T5871] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.398252][ T2041] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:12: Failed to release dquot type 1
[   91.511172][ T5896] loop5: detected capacity change from 0 to 512
[   91.529957][ T5896] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.555370][ T5899] loop3: detected capacity change from 0 to 1024
[   91.569867][ T5899] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.617730][ T2730] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   91.632974][ T2730] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 957 with error 28
[   91.645444][ T2730] EXT4-fs (loop5): This should not happen!! Data will be lost
[   91.645444][ T2730] 
[   91.655159][ T2730] EXT4-fs (loop5): Total free blocks count 0
[   91.661197][ T2730] EXT4-fs (loop5): Free/Dirty block details
[   91.667149][ T2730] EXT4-fs (loop5): free_blocks=65280
[   91.672493][ T2730] EXT4-fs (loop5): dirty_blocks=959
[   91.677767][ T2730] EXT4-fs (loop5): Block reservation details
[   91.683809][ T2730] EXT4-fs (loop5): i_reserved_data_blocks=959
[   91.757043][ T5915] loop2: detected capacity change from 0 to 512
[   91.763965][ T5915] EXT4-fs: Ignoring removed nobh option
[   91.773378][ T5913] netlink: 4 bytes leftover after parsing attributes in process `syz.5.715'.
[   91.788194][ T5915] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.794165][ T5913] bridge_slave_1: left allmulticast mode
[   91.804474][ T5913] bridge_slave_1: left promiscuous mode
[   91.806908][ T5917] netlink: 4 bytes leftover after parsing attributes in process `syz.5.715'.
[   91.810310][ T5913] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.826812][ T5915] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.716: corrupted inode contents
[   91.844514][ T5913] bridge_slave_0: left allmulticast mode
[   91.850211][ T5913] bridge_slave_0: left promiscuous mode
[   91.853126][ T5915] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.716: mark_inode_dirty error
[   91.856213][ T5913] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.873180][ T5915] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.716: corrupted inode contents
[   91.897178][ T5915] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.716: mark_inode_dirty error
[   91.999396][ T5932] loop5: detected capacity change from 0 to 512
[   92.008792][ T5932] EXT4-fs: Ignoring removed nobh option
[   92.021632][ T5932] EXT4-fs: Ignoring removed orlov option
[   92.028135][ T5932] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   92.040179][ T5932] EXT4-fs (loop5): 1 truncate cleaned up
[   92.047267][ T5941] SET target dimension over the limit!
[   92.075321][ T5943] loop2: detected capacity change from 0 to 1024
[   92.084029][ T5943] ext4: Bad value for 'max_dir_size_kb'
[   92.244950][ T5961] loop5: detected capacity change from 0 to 128
[   92.256597][ T5959] netlink: 4 bytes leftover after parsing attributes in process `syz.0.730'.
[   92.297484][ T5961] FAT-fs (loop5): Directory bread(block 32) failed
[   92.304238][ T5961] FAT-fs (loop5): Directory bread(block 33) failed
[   92.311048][ T5961] FAT-fs (loop5): Directory bread(block 34) failed
[   92.312676][ T5963] loop4: detected capacity change from 0 to 512
[   92.325143][ T5963] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   92.325674][ T5961] FAT-fs (loop5): Directory bread(block 35) failed
[   92.346209][ T5961] FAT-fs (loop5): Directory bread(block 36) failed
[   92.354168][ T5961] FAT-fs (loop5): Directory bread(block 37) failed
[   92.361049][ T5961] FAT-fs (loop5): Directory bread(block 38) failed
[   92.361472][ T5963] EXT4-fs (loop4): 1 truncate cleaned up
[   92.368801][ T5961] FAT-fs (loop5): Directory bread(block 39) failed
[   92.380424][ T5961] FAT-fs (loop5): Directory bread(block 40) failed
[   92.387063][ T5961] FAT-fs (loop5): Directory bread(block 41) failed
[   92.427100][ T5963] netlink: 48 bytes leftover after parsing attributes in process `syz.4.732'.
[   92.462411][ T5967] loop3: detected capacity change from 0 to 1024
[   92.528660][ T5967] EXT4-fs: Ignoring removed bh option
[   92.592382][ T5967] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 15: block 273:freeing already freed block (bit 17); block bitmap corrupt.
[   92.614547][   T29] kauditd_printk_skb: 625 callbacks suppressed
[   92.614567][   T29] audit: type=1400 audit(1767523361.011:4838): avc:  denied  { ioctl } for  pid=5977 comm="syz.5.737" path="/dev/virtual_nci" dev="devtmpfs" ino=132 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   92.621485][ T5967] EXT4-fs (loop3): Remounting filesystem read-only
[   92.652346][ T5967] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 64: len 64: ext4_ext_map_blocks returned -30
[   92.669239][   T29] audit: type=1400 audit(1767523361.061:4839): avc:  denied  { read } for  pid=5977 comm="syz.5.737" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   92.692797][   T29] audit: type=1400 audit(1767523361.061:4840): avc:  denied  { open } for  pid=5977 comm="syz.5.737" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   92.705279][ T5986] SET target dimension over the limit!
[   92.716671][   T29] audit: type=1400 audit(1767523361.061:4841): avc:  denied  { allowed } for  pid=5965 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   92.741549][   T29] audit: type=1400 audit(1767523361.061:4842): avc:  denied  { create } for  pid=5965 comm="syz.3.733" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   92.762745][   T29] audit: type=1400 audit(1767523361.061:4843): avc:  denied  { map } for  pid=5965 comm="syz.3.733" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=12594 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   92.786910][   T29] audit: type=1400 audit(1767523361.061:4844): avc:  denied  { read write } for  pid=5965 comm="syz.3.733" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=12594 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   92.835754][   T29] audit: type=1400 audit(1767523361.231:4845): avc:  denied  { create } for  pid=5988 comm="syz.0.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   92.866374][ T5993] loop3: detected capacity change from 0 to 512
[   92.887242][ T5993] EXT4-fs (loop3): 1 orphan inode deleted
[   92.894294][ T5993] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.908772][ T2730] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   92.918589][ T2730] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:15: Failed to release dquot type 1
[   92.933075][   T29] audit: type=1400 audit(1767523361.331:4846): avc:  denied  { read append open } for  pid=5990 comm="syz.3.739" path="/141/file1/cpu.stat" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   92.958796][ T3322] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   92.969749][ T3322] CPU: 1 UID: 0 PID: 3322 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   92.969876][ T3322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   92.969969][ T3322] Call Trace:
[   92.969976][ T3322]  <TASK>
[   92.969984][ T3322]  __dump_stack+0x1d/0x30
[   92.970062][ T3322]  dump_stack_lvl+0x95/0xd0
[   92.970088][ T3322]  dump_stack+0x15/0x1b
[   92.970117][ T3322]  dump_header+0x81/0x240
[   92.970137][ T3322]  oom_kill_process+0x295/0x350
[   92.970160][ T3322]  out_of_memory+0x97b/0xb80
[   92.970190][ T3322]  try_charge_memcg+0x610/0xa10
[   92.970243][ T3322]  charge_memcg+0x51/0xc0
[   92.970297][ T3322]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   92.970362][ T3322]  __read_swap_cache_async+0x17b/0x2d0
[   92.970401][ T3322]  swap_cluster_readahead+0x262/0x3c0
[   92.970490][ T3322]  swapin_readahead+0xde/0x820
[   92.970524][ T3322]  ? next_uptodate_folio+0x81c/0x890
[   92.970577][ T3322]  ? percpu_counter_add_batch+0xb6/0x130
[   92.970605][ T3322]  ? __rcu_read_unlock+0x4f/0x70
[   92.970630][ T3322]  ? swap_cache_get_folio+0x277/0x280
[   92.970668][ T3322]  do_swap_page+0x2b4/0x21e0
[   92.970785][ T3322]  ? __pfx_default_wake_function+0x10/0x10
[   92.970877][ T3322]  handle_mm_fault+0x9d8/0x2c60
[   92.970975][ T3322]  do_user_addr_fault+0x630/0x1080
[   92.971013][ T3322]  exc_page_fault+0x62/0xa0
[   92.971048][ T3322]  asm_exc_page_fault+0x26/0x30
[   92.971094][ T3322] RIP: 0033:0x7f0e84425fd7
[   92.971125][ T3322] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1 39 7c 24
[   92.971144][ T3322] RSP: 002b:00007fff6dad2fa0 EFLAGS: 00010206
[   92.971159][ T3322] RAX: 0000001b34224000 RBX: 000000000000018e RCX: 0000000000016760
[   92.971172][ T3322] RDX: 000000000d28dff7 RSI: 00007fff6dad3030 RDI: 000000000000001d
[   92.971184][ T3322] RBP: 00007fff6dad2fdc R08: 0000000032333cdc R09: 7fffffffffffffff
[   92.971195][ T3322] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[   92.971238][ T3322] R13: 00000000000927c0 R14: 0000000000016952 R15: 00007fff6dad3030
[   92.971262][ T3322]  </TASK>
[   92.971271][ T3322] memory: usage 307200kB, limit 307200kB, failcnt 2530
[   93.187991][ T3322] memory+swap: usage 269172kB, limit 9007199254740988kB, failcnt 0
[   93.196027][ T3322] kmem: usage 262308kB, limit 9007199254740988kB, failcnt 0
[   93.203367][ T3322] Memory cgroup stats for /syz4:
[   93.206727][ T3322] cache 4096
[   93.215071][ T3322] rss 4096
[   93.218189][ T3322] shmem 0
[   93.221152][ T3322] mapped_file 0
[   93.224795][ T3322] dirty 0
[   93.227770][ T3322] writeback 4096
[   93.231409][ T3322] workingset_refault_anon 12
[   93.236117][ T3322] workingset_refault_file 1
[   93.240643][ T3322] swap 446464
[   93.243976][ T3322] swapcached 40960
[   93.247725][ T3322] pgpgin 62433
[   93.251178][ T3322] pgpgout 62421
[   93.254669][ T3322] pgfault 53099
[   93.258149][ T3322] pgmajfault 11
[   93.261627][ T3322] inactive_anon 28672
[   93.265721][ T3322] active_anon 12288
[   93.269550][ T3322] inactive_file 0
[   93.273285][ T3322] active_file 4096
[   93.277049][ T3322] unevictable 0
[   93.280536][ T3322] hierarchical_memory_limit 314572800
[   93.285963][ T3322] hierarchical_memsw_limit 9223372036854771712
[   93.292222][ T3322] total_cache 4096
[   93.295981][ T3322] total_rss 4096
[   93.299545][ T3322] total_shmem 0
[   93.303027][ T3322] total_mapped_file 0
[   93.307054][ T3322] total_dirty 0
[   93.310537][ T3322] total_writeback 4096
[   93.314699][ T3322] total_workingset_refault_anon 12
[   93.319863][ T3322] total_workingset_refault_file 1
[   93.324939][ T3322] total_swap 446464
[   93.328828][ T3322] total_swapcached 40960
[   93.333097][ T3322] total_pgpgin 62433
[   93.337063][ T3322] total_pgpgout 62421
[   93.341067][ T3322] total_pgfault 53099
[   93.345092][ T3322] total_pgmajfault 11
[   93.349088][ T3322] total_inactive_anon 28672
[   93.353611][ T3322] total_active_anon 12288
[   93.357981][ T3322] total_inactive_file 0
[   93.362147][ T3322] total_active_file 4096
[   93.366432][ T3322] total_unevictable 0
[   93.370487][ T3322] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.732,pid=5962,uid=0
[   93.385174][ T3322] Memory cgroup out of memory: Killed process 5962 (syz.4.732) total-vm:93968kB, anon-rss:1264kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[   93.429215][ T6001] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   93.462245][ T6001] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.512555][ T6009] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.547137][ T6013] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   93.557774][ T6013] ip6gre0: entered promiscuous mode
[   93.567133][ T6013] team0: Device ip6gre0 is of different type
[   93.633370][ T6019] FAT-fs (loop2): Directory bread(block 32) failed
[   93.647558][ T6017] EXT4-fs: Ignoring removed nobh option
[   93.658921][ T6019] FAT-fs (loop2): Directory bread(block 33) failed
[   93.668318][ T6017] EXT4-fs: Ignoring removed orlov option
[   93.675282][ T6017] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   93.691870][ T6019] FAT-fs (loop2): Directory bread(block 34) failed
[   93.701019][ T6019] FAT-fs (loop2): Directory bread(block 35) failed
[   93.707972][ T6019] FAT-fs (loop2): Directory bread(block 36) failed
[   93.715487][ T6019] FAT-fs (loop2): Directory bread(block 37) failed
[   93.722047][ T6017] EXT4-fs (loop4): 1 truncate cleaned up
[   93.728025][ T6019] FAT-fs (loop2): Directory bread(block 38) failed
[   93.734708][ T6019] FAT-fs (loop2): Directory bread(block 39) failed
[   93.741521][ T6019] FAT-fs (loop2): Directory bread(block 40) failed
[   93.748573][ T6019] FAT-fs (loop2): Directory bread(block 41) failed
[   93.772772][ T6019] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   93.783104][ T6019] SELinux: failed to load policy
[   93.788479][ T6019] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   93.796125][ T6019] FAT-fs (loop2): Filesystem has been set read-only
[   93.856115][ T6027] EXT4-fs: Ignoring removed bh option
[   93.922821][ T6043] SET target dimension over the limit!
[   94.080227][ T6049] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   94.112117][ T6061] ext4 filesystem being mounted at /164/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   94.201762][ T6061] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   94.239653][ T6064] EXT4-fs (loop2): 1 orphan inode deleted
[   94.250679][ T6067] FAT-fs (loop3): Directory bread(block 32) failed
[   94.254144][   T12] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 1
[   94.263813][ T6067] FAT-fs (loop3): Directory bread(block 33) failed
[   94.287001][ T6067] FAT-fs (loop3): Directory bread(block 34) failed
[   94.293610][ T6067] FAT-fs (loop3): Directory bread(block 35) failed
[   94.314058][ T6067] FAT-fs (loop3): Directory bread(block 36) failed
[   94.321324][ T6064] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.368233][ T6067] FAT-fs (loop3): Directory bread(block 37) failed
[   94.426946][ T6074] EXT4-fs: Ignoring removed nobh option
[   94.430366][ T6067] FAT-fs (loop3): Directory bread(block 38) failed
[   94.440492][ T6067] FAT-fs (loop3): Directory bread(block 39) failed
[   94.447616][ T6067] FAT-fs (loop3): Directory bread(block 40) failed
[   94.454529][ T6074] EXT4-fs: Ignoring removed orlov option
[   94.464447][ T6067] FAT-fs (loop3): Directory bread(block 41) failed
[   94.471162][ T6074] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   94.533423][ T6067] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   94.545041][ T6074] EXT4-fs (loop5): 1 truncate cleaned up
[   94.567196][ T6067] SELinux: failed to load policy
[   94.610779][ T6086] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   94.618551][ T6086] FAT-fs (loop3): Filesystem has been set read-only
[   94.661405][ T6089] SET target dimension over the limit!
[   94.732523][ T6098] batadv0: entered promiscuous mode
[   94.743284][ T6098] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   94.751029][ T2331] ==================================================================
[   94.759175][ T2331] BUG: KCSAN: data-race in nci_dev_up / nci_req_complete
[   94.766268][ T2331] 
[   94.768632][ T2331] write to 0xffff88811bfb69a0 of 4 bytes by task 6091 on cpu 1:
[   94.776293][ T2331]  nci_dev_up+0x272/0x8f0
[   94.780669][ T2331]  nfc_dev_up+0x103/0x1b0
[   94.785030][ T2331]  nfc_genl_dev_up+0x53/0x90
[   94.789656][ T2331]  genl_family_rcv_msg_doit+0x143/0x1b0
[   94.795234][ T2331]  genl_rcv_msg+0x422/0x460
[   94.799767][ T2331]  netlink_rcv_skb+0x123/0x220
[   94.804586][ T2331]  genl_rcv+0x28/0x40
[   94.808694][ T2331]  netlink_unicast+0x5c0/0x690
[   94.813498][ T2331]  netlink_sendmsg+0x58b/0x6b0
[   94.818307][ T2331]  __sock_sendmsg+0x145/0x180
[   94.823010][ T2331]  ____sys_sendmsg+0x31e/0x4a0
[   94.827810][ T2331]  ___sys_sendmsg+0x17b/0x1d0
[   94.832520][ T2331]  __x64_sys_sendmsg+0xd4/0x160
[   94.837418][ T2331]  x64_sys_call+0x17ba/0x3000
[   94.842127][ T2331]  do_syscall_64+0xca/0x2b0
[   94.846672][ T2331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.852593][ T2331] 
[   94.854961][ T2331] read to 0xffff88811bfb69a0 of 4 bytes by task 2331 on cpu 0:
[   94.862526][ T2331]  nci_req_complete+0x23/0x90
[   94.867238][ T2331]  nci_rsp_packet+0xc6f/0xe30
[   94.871941][ T2331]  nci_rx_work+0x16f/0x2c0
[   94.876411][ T2331]  process_scheduled_works+0x4ce/0x9d0
[   94.881894][ T2331]  worker_thread+0x582/0x770
[   94.886507][ T2331]  kthread+0x489/0x510
[   94.890610][ T2331]  ret_from_fork+0x149/0x290
[   94.895232][ T2331]  ret_from_fork_asm+0x1a/0x30
[   94.900025][ T2331] 
[   94.902363][ T2331] value changed: 0x00000000 -> 0x00000001
[   94.908095][ T2331] 
[   94.910439][ T2331] Reported by Kernel Concurrency Sanitizer on:
[   94.916616][ T2331] CPU: 0 UID: 0 PID: 2331 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.926618][ T2331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   94.936700][ T2331] Workqueue: nfc2_nci_rx_wq nci_rx_work
[   94.942283][ T2331] ==================================================================
[   94.959310][ T6098] batadv0: left promiscuous mode
[   94.995133][ T6101] netlink: 'syz.5.771': attribute type 1 has an invalid length.
[   95.003165][ T6101] netlink: 4 bytes leftover after parsing attributes in process `syz.5.771'.