last executing test programs:

2m49.343470182s ago: executing program 3 (id=4023):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="b400028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003"], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)

2m49.287952417s ago: executing program 3 (id=4024):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x3, 0x8, 0x2, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x1, @buffer={0x300, 0x49, &(0x7f0000000440)=""/73}, &(0x7f0000000380)="259374c96ee3", 0x0, 0xffffffff, 0x30, 0x0, 0x0}) (fail_nth: 1)

2m48.777260928s ago: executing program 3 (id=4031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1f, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000fcffffff000000000900000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff7f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2m48.776335008s ago: executing program 3 (id=4032):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_clone(0x30210011, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x104)
fallocate(r2, 0x8, 0x4000, 0x4000)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) (async)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) (async)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
syz_clone(0x30210011, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) (async)
pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x104) (async)
fallocate(r2, 0x8, 0x4000, 0x4000) (async)

2m48.039462431s ago: executing program 3 (id=4039):
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x24020000)
syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m47.379609907s ago: executing program 3 (id=4048):
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = syz_pidfd_open(r0, 0x0)
setns(r3, 0x24020000)
syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m47.362267918s ago: executing program 32 (id=4048):
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = syz_pidfd_open(r0, 0x0)
setns(r3, 0x24020000)
syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)

1m0.912008954s ago: executing program 2 (id=5188):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000280)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000100)) (fail_nth: 1)

1m0.45173181s ago: executing program 2 (id=5190):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x8080)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1m0.314370283s ago: executing program 2 (id=5201):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10, 0x0}, 0x34004811)
setsockopt$sock_attach_bpf(r1, 0x6, 0x25, &(0x7f0000000040), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
splice(r2, 0x0, r0, 0x0, 0x800000000ff, 0x0)

1m0.2419655s ago: executing program 2 (id=5203):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='fsi_master_aspeed_cfam_reset\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
llistxattr(&(0x7f0000000080)='./file1\x00', &(0x7f0000000c00)=""/4096, 0x1000)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84100)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@newtclass={0x38, 0x28, 0x100, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xf, 0xf}, {0x9, 0x6}, {0x5, 0xc}}, [@tclass_kind_options=@c_tbf={0x8}, @tclass_kind_options=@c_multiq={0xb}]}, 0x38}, 0x1, 0x0, 0x0, 0x8841}, 0x50)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0xff0a, 0x0)

59.482423276s ago: executing program 2 (id=5206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1b, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0xab910fc08c8ca1f, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)=<r3=>0x0)
bind$l2tp(r2, &(0x7f00000000c0), 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010", @ANYRES8=r1, @ANYRES8=r3], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="000000000000ebff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
sendto$l2tp(r2, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x6065, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10)
recvfrom$l2tp(r2, 0x0, 0x0, 0x40000040, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1018, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x8, 0x6}, 0x2021, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r8 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r8, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004811)
socket$inet6_sctp(0xa, 0x1, 0x84)

59.465956598s ago: executing program 5 (id=5207):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
close(r2)
r3 = openat$binfmt(0xffffffffffffff9c, r1, 0x2, 0x0)
write(r3, &(0x7f0000000180)="01010101", 0x4)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r1, &(0x7f00000001c0), &(0x7f0000000200), 0x0)

59.448764919s ago: executing program 5 (id=5208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000080)=0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', r1, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x2}, 0x600, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_setup(0x2201, &(0x7f0000000540)={0x0, 0x1ae0, 0x402, 0x0, 0x390})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000090"], 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdbc, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r7, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x14)
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b800000019000100fcffffff00000000ac141423000000000000000000000000fe8000000000000000000000000000aa4e2200004e2400000a00006000000000", @ANYRES32=0x0, @ANYRESHEX=r9, @ANYRES16=r5], 0xb8}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

59.356702249s ago: executing program 5 (id=5213):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x0, 0x0})
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

59.33906937s ago: executing program 5 (id=5215):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a1, &(0x7f00000004c0)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorJqa55eB5WyzhNpi1nJ4rGz+WdhzE80eFgNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXej/AAAA//+q8eIl")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$cont(0x1f, r4, 0x1, 0xfffffffffffffffc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000340)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000a40)=@delchain={0x2e8, 0x65, 0x10, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x9, 0x8}, {0x19, 0x6}, {0x3, 0xfff2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_KEY_IP_TTL={0x5, 0x4b, 0x6}, @TCA_FLOWER_KEY_ENC_IP_TOS_MASK={0x5, 0x51, 0x1}, @TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0xf}, @TCA_FLOWER_KEY_MPLS_OPTS={0x30, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x2c, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0x49}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0xd1}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS={0x5, 0x3, 0x1}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0x7}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0x8b}]}}]}}, @filter_kind_options=@f_flow={{0x9}, {0x258, 0x2, [@TCA_FLOW_XOR={0x8, 0x7, 0xa7}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x7}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0x8, 0x4}}, @TCA_FLOW_EMATCHES={0x14, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1ff}}]}, @TCA_FLOW_EMATCHES={0x1f8, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x110, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xfffb, 0x7, 0xffaf}, {{0x3, 0x0, 0x1}, {0x1, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x2, 0x1, 0xeb41}, {0x7, 0x6, 0x3, 0xa, 0x4, 0x0, 0x2}}}, @TCF_EM_META={0x54, 0x3, 0x0, 0x0, {{0x81, 0x4, 0x9}, [@TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="1de8ef88dbca597cd21c"]}, @TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_VAR="eafb3ee1b6", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x7, 0x98, 0x2}, {0x6, 0x8, 0x1}}}]}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x3, 0x7, 0xdc}, {{0x2, 0x1, 0x0, 0x1}, {0x2, 0x1}}}}, @TCF_EM_CONTAINER={0x2c, 0x2, 0x0, 0x0, {{0x9, 0x0, 0xb}, "0bdc6e22bb4e237e8ccc6e1e3699f95688d9f594ae6b384a4e43a59785"}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x7fff, 0x1, 0x9}, {0xf9fa, 0xe0f1, 0x1, 0x2, 0xd}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x9, 0x1, 0x4}, {0x3, 0x6, 0x8, 0x6, 0x9}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x8000, 0x3, 0x7}, {0x0, 0x9, 0x8, 0x4}}}]}, @TCA_EMATCH_TREE_LIST={0x58, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x9, 0x3, 0xffff}, {0x8, 0x0, 0x1, 0x8001}}}, @TCF_EM_NBYTE={0x1c, 0x1, 0x0, 0x0, {{0x5, 0x2, 0x1}, {0x4, 0xa, 0x0, "c77ace40ec7e2cf0e976"}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x4, 0x3, 0x1}, {0x8, 0x7fffffff, 0x4, 0xfffffff9}}}]}, @TCA_EMATCH_TREE_LIST={0x3c, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x7ff, 0x8, 0x2}, {0x1, 0x0, 0x1}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0xe49, 0x7, 0xd62}, {{0x3, 0x1, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x1}}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x5, 0x7, 0x8d61}, {{0x0, 0x1, 0x0, 0x1}, {0x4, 0x1, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xb}}, @TCA_EMATCH_TREE_LIST={0x48, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x8, 0x8, 0x1}, {0xffffffffffffffff, 0x5}}}, @TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x7b, 0x2, 0x3}, {0x200, 0x0, 0x3}}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x7fff, 0x8, 0x3ff}, {0x3, 0x3, 0x2}}}, @TCF_EM_IPT={0x14, 0x2, 0x0, 0x0, {{0x60c, 0x9, 0x2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}]}]}, @TCA_FLOW_MASK={0x8, 0x6, 0x8000}, @TCA_FLOW_POLICE={0x20, 0xa, 0x0, 0x1, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x808000}, @TCA_POLICE_RATE64={0xc}]}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x1}]}}, @TCA_RATE={0x6, 0x5, {0x9, 0x1}}]}, 0x2e8}, 0x1, 0x0, 0x0, 0xc080}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000680)={0x2c, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xffffffffffffff10, 0x0, 0x0, 0x0, @uid=0xee00}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x5, 0x1, 0x0, 0x0, @binary="98"}]}]}, 0x2c}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040), &(0x7f0000000080)='%+9llu \x00'}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r10}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)

59.213086333s ago: executing program 2 (id=5217):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x1000080}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0xc084}, 0x40000) (fail_nth: 1)

59.154380448s ago: executing program 33 (id=5217):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x1000080}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0xc084}, 0x40000) (fail_nth: 1)

59.148478409s ago: executing program 5 (id=5219):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
write(r4, &(0x7f0000000180)="01010101", 0x4)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r2, &(0x7f00000001c0), &(0x7f0000000200), 0x0)

58.847336029s ago: executing program 5 (id=5223):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="eb4de8bab69f25656cff2d54a78b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

58.755650078s ago: executing program 34 (id=5223):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="eb4de8bab69f25656cff2d54a78b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

2.01559461s ago: executing program 6 (id=6098):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

1.70938987s ago: executing program 6 (id=6105):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000004c0)='smaps_rollup\x00')

980.281022ms ago: executing program 1 (id=6114):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)

938.264916ms ago: executing program 1 (id=6115):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

704.319759ms ago: executing program 0 (id=6117):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

674.125882ms ago: executing program 0 (id=6118):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

644.548235ms ago: executing program 6 (id=6119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x17)

622.886428ms ago: executing program 6 (id=6120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
write(r4, &(0x7f0000000180)="01", 0x1)
close(r4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r5)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, &(0x7f0000000380), 0x0)

596.08677ms ago: executing program 1 (id=6121):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x10000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
futex(0x0, 0x1, 0x800001, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x13)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b000100697036746e6c00001400028006001300"], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)

594.85052ms ago: executing program 0 (id=6123):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f0000000240)=""/80, 0x50, <r1=>0x0}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
keyctl$KEYCTL_MOVE(0x4, r5, r4, r4, 0x0)
keyctl$KEYCTL_MOVE(0x4, r3, r3, 0x0, 0x0)

584.640881ms ago: executing program 4 (id=6124):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x5)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x60000008})
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x2, 0x802, 0x28964712, 0xfff, 0x5, "1d4ab803374503053b00", 0x100, 0x6})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x101}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x6a1e)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r6=>0x0})
r7 = socket$can_raw(0x1d, 0x3, 0x1)
r8 = semget$private(0x0, 0x4, 0x410)
semctl$GETPID(r8, 0x3, 0xb, &(0x7f0000000140)=""/28)
bind$can_raw(r7, &(0x7f0000000000)={0x1d, r6}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0x6}, {0xffff, 0xfff9}, {0x1}}}, 0x24}}, 0x4)

560.929034ms ago: executing program 6 (id=6125):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20f, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r2, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)

508.841929ms ago: executing program 6 (id=6126):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ftruncate(r0, 0xf4ff)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000000080)="80", 0x1, 0x20040800, &(0x7f0000000100)={0xa, 0x4e21, 0x7, @local, 0x5}, 0x1c)
setsockopt(r1, 0x84, 0x11, &(0x7f0000000040)="020000000980ffff", 0x8)

501.93668ms ago: executing program 7 (id=6127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x17)

501.28176ms ago: executing program 4 (id=6128):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050)
r0 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1000001, 0x12, r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x42202)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r5}, 0x10)
setitimer(0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r3, &(0x7f0000000440)=[{&(0x7f0000000280)="581a17919cc77431510e7fc4ed9fb860505f1495ff92f16a44f8a13d48751d926def1f80b315bdc726cdd8b5d1a91f485854af8fc854b0da7a02522fe7b2c21db7a46c79afc0d444e6c78b0216d2201b128df9d4ed5b4dbe676fe56a6354f819d997a6acb8595633cff6f77473b2b3abcc65b51cb3d3a30bf9b0b2ce59d568d3a89b4933190432c3ac74e4bde1a62c560cb63836552f881c8a8305d2a13d838a5160a6c06c63decc865a92e9539f3513af3a1e6f78608890f912f087214dac06387a", 0xc2}, {&(0x7f00000006c0)="dca50613af5e6bd571acaedc135530c6b170fa7c7f3f2d4d549e9bba215c95d78d3748954fbf12ee1769ca333f31405a71f26f7386d96ea4160ce843eee55e0b293d652dcaf5027ffac4ec392bb05d4bcac0680385cc19dc5d95ee966084695a61662134d66f4fb92d3e4dc8f940f22b4d426d7c22b006d4de7656926edfbbb7cf76b8c20fec8304a9fee449390efabcc2adaa2d8e9a131fd693228d42217ebabdf467664871d69f78ede5635a477fb6e1fdb44475b66d89ec449a15d1306b8b68d4b7893861144de7f7747856513ac797521fae3771a74b69bffb105dfa6ce5739c11c9b110d0986815993f944c8b5907bd78e5def3a803a23f623f1da706a32a047e53250f000000b5333e41d5f12d99198c20a0bb7285f534499b22a5f702be1ea79300e1813e02264c5e747d00185e0611ca5257ce6fba7b872f96927da264316e16540cd3235e37e22112824032dbacfeeb7de66719abd0f7da98d216a2a8daecbb6d0034e72b44fae25a47e119f4f5dafd65a284b14decf6143c6a7a8d08a898afe4cf00b3fbca1c940ccb64a496033d3784432e00de9478dc59237bb22085d590b7c002b6cbbf0330e367ac13a5ad9cdb9c8f92c418e940bcddfc9956ee47a9497a882153386dec236d1b63413d667596c68f22ce3dfd46762463759afc088abdd65c126ece73f41ad9eaa728fbd1a66d312923d04d6853438fb9f420c0e5b901f955bf788de76d3c49f8823a5de4422dd68c1d8c138f2c59520fb7406b2727a978f6ab02f264873ba1833478bd792f6a239f802df8291212bdcfb2860db20e2e2fb935c41a69a7d10045c9c467b5b026985a0542ea49104cf0f8a4b1ee1a45376d38478811d68673499fea9fcd350e98b7b67d40f046a6e4062e9e7a2f841c552c83b541a2d3f450317b844c3d6ff30ae1bb49d6452cb9", 0x29b}], 0x2)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r3, &(0x7f0000000e40)=[{&(0x7f0000000f40)=""/250, 0xff1}], 0x1)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
capset(&(0x7f0000000000)={0x20080522, r6}, &(0x7f0000000040)={0x0, 0xff, 0x4, 0x0, 0xfffffffc, 0x1})
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='dirsync\x00', &(0x7f00000000c0)='./file0\x00', r1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a"], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800)

464.404563ms ago: executing program 0 (id=6129):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000106"], 0xffe)
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd733, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

452.434184ms ago: executing program 4 (id=6130):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x17)

413.079018ms ago: executing program 4 (id=6131):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000600)={0x0, 0x7, 0x8})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0xfffffff2, 0xd, 0x0, 0x0, 0x0, 0x0)
sync()
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000001c0), 0x1, 0x5d5, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+yu2/m7fS96e53583b92YDqKzB9K4WsTcippOI/mR+Ma8zsszBhefd+/uT0+ktiXr9jT+TSLJ1+fOT7LEv27gnIn7+KYk9HSvLnZm7cn58amrycrY8PHthenhm7srBcxfGz06enbw4+tLosaNHjh4bOdTWfl0tWHfy+vsf9n829vZ33/yTjHz/21gSx+PV7IlL92OjDMZg43+SrMzqO7bRhZWkI3ufLH2Jk84SK8S65K9fV0Q8Ff3REfdfvP749LVSKwdsqnoSUQcqKhH/UFF5OyA/t19+HlwrpVUCbIW7JxY6AFbGf+dC32D0NPoGdt5LYmm3ThIR7fXMNdsVEbdvjV0/c2vsemxSPxxQbP5aRDxdFP9JI/4HoicGGvFfa4r/tF1wKntM17/eZvnLu4rFP2ydhfjvWTX+o0X8v7Mk/t9ts/zB+8n3epviv7fdXQIAAAAAAIDKunkiIl4s+v6/tjj+JwrG//RFxPENKH9w2fLK7/9rdzagGKDA3RMRrxSO/63lo38HOrLUY43xAF3JmXNTk4ci4vGIOBBdO9LlkVXKOPj5nq9b5Q1m4//yW1r+7WwsYFaPO507mreZGJ8df9j9BiLuXot4pnD8b7J4/E8Kjv/p58H0A5ax5/kbp1rlrR3/wGapfxuxv/D4f/+qFcnq1+cYbrQHhvNWwUrPfvzFD63Kbzf+XWICHl56/N+5evwPJEuv1zOz/jIOz3XWW+W12/7vTt5sWvfR+Ozs5ZGI7uRkR3rftH50/XWGR1EeD3m8pPF/4LnV+/+K2v+9ETG/7G8nfzXPKc49+W/f763qo/0P5Unjf2Jdx//1J0ZvDPzYqvwHO/4faVxe7kC2Rv8fLPgqD9Pu5vUF4dhZlLXV9QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR0EtInZFUhtaTNdqQ0MRfRHxROysTV2amX3hzKUPLk6keY3f/6/lv/Tbv7Cc5L//P7BkeXTZ8uGI2B0RX3b0NpaHTl+amih75wEAAAAAAAAAAAAAAAAAAGCb6Gsx/z/1R0fZtQM2XWfZFQBKUxD/v5RRD2DrOf5DdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/UF3iHwAAAAAAHim79938NYmI+Zd7G7dUd5bXVWrNgM1WK7sCQGlc4geqy9AfqC7n+ECyRn5Py43W2nI106cfYmMAAAAAAAAAAAAAqJz9e83/h6oy/x+qy/x/qK58/v++kusBbD3n+ECsMZO/cP7/mlsBAAAAAAAAAAAAABtpZu7K+fGpqcnLEm9tj2psZaJer19N3wXbpT7/80Q+FH671GdZIp/r92BblfeZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPsvAAD//0KoJLc=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020207025d5f8ee04002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f0000000140)=0x7, 0x4)
sendmmsg$inet6(r3, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x6}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000580)="6daa2a79ed5cae82f1", 0xfffffc4b}], 0x1}}], 0x3b, 0x4048044)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x400000}, 0x50)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380), 0x301802, 0x0)

412.720328ms ago: executing program 7 (id=6132):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

361.228944ms ago: executing program 1 (id=6133):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000600)={0x0, 0x7, 0x8})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0xfffffff2, 0xd, 0x0, 0x0, 0x0, 0x0)
sync()
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000001c0), 0x1, 0x5d5, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+yu2/m7fS96e53583b92YDqKzB9K4WsTcippOI/mR+Ma8zsszBhefd+/uT0+ktiXr9jT+TSLJ1+fOT7LEv27gnIn7+KYk9HSvLnZm7cn58amrycrY8PHthenhm7srBcxfGz06enbw4+tLosaNHjh4bOdTWfl0tWHfy+vsf9n829vZ33/yTjHz/21gSx+PV7IlL92OjDMZg43+SrMzqO7bRhZWkI3ufLH2Jk84SK8S65K9fV0Q8Ff3REfdfvP749LVSKwdsqnoSUQcqKhH/UFF5OyA/t19+HlwrpVUCbIW7JxY6AFbGf+dC32D0NPoGdt5LYmm3ThIR7fXMNdsVEbdvjV0/c2vsemxSPxxQbP5aRDxdFP9JI/4HoicGGvFfa4r/tF1wKntM17/eZvnLu4rFP2ydhfjvWTX+o0X8v7Mk/t9ts/zB+8n3epviv7fdXQIAAAAAAIDKunkiIl4s+v6/tjj+JwrG//RFxPENKH9w2fLK7/9rdzagGKDA3RMRrxSO/63lo38HOrLUY43xAF3JmXNTk4ci4vGIOBBdO9LlkVXKOPj5nq9b5Q1m4//yW1r+7WwsYFaPO507mreZGJ8df9j9BiLuXot4pnD8b7J4/E8Kjv/p58H0A5ax5/kbp1rlrR3/wGapfxuxv/D4f/+qFcnq1+cYbrQHhvNWwUrPfvzFD63Kbzf+XWICHl56/N+5evwPJEuv1zOz/jIOz3XWW+W12/7vTt5sWvfR+Ozs5ZGI7uRkR3rftH50/XWGR1EeD3m8pPF/4LnV+/+K2v+9ETG/7G8nfzXPKc49+W/f763qo/0P5Unjf2Jdx//1J0ZvDPzYqvwHO/4faVxe7kC2Rv8fLPgqD9Pu5vUF4dhZlLXV9QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR0EtInZFUhtaTNdqQ0MRfRHxROysTV2amX3hzKUPLk6keY3f/6/lv/Tbv7Cc5L//P7BkeXTZ8uGI2B0RX3b0NpaHTl+amih75wEAAAAAAAAAAAAAAAAAAGCb6Gsx/z/1R0fZtQM2XWfZFQBKUxD/v5RRD2DrOf5DdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/UF3iHwAAAAAAHim79938NYmI+Zd7G7dUd5bXVWrNgM1WK7sCQGlc4geqy9AfqC7n+ECyRn5Py43W2nI106cfYmMAAAAAAAAAAAAAqJz9e83/h6oy/x+qy/x/qK58/v++kusBbD3n+ECsMZO/cP7/mlsBAAAAAAAAAAAAABtpZu7K+fGpqcnLEm9tj2psZaJer19N3wXbpT7/80Q+FH671GdZIp/r92BblfeZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPsvAAD//0KoJLc=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020207025d5f8ee04002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f0000000140)=0x7, 0x4)
sendmmsg$inet6(r3, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x6}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000580)="6daa2a79ed5cae82f1", 0xfffffc4b}], 0x1}}], 0x3b, 0x4048044)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x400000}, 0x50)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380), 0x301802, 0x0)

132.729306ms ago: executing program 0 (id=6134):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8001}}, 0x20}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

132.061246ms ago: executing program 7 (id=6135):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r2], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880) (fail_nth: 1)

131.750186ms ago: executing program 7 (id=6136):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20f, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r2, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)

90.560781ms ago: executing program 7 (id=6137):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000580)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60}, {}, {0x4}, {0x0, 0x2}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r1, r1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x73f, @none, 0x2, 0x2}, 0xe)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

76.276972ms ago: executing program 4 (id=6138):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a300000009b5400030062930f94ec"], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800)

73.100922ms ago: executing program 1 (id=6139):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f0000000240)=""/80, 0x50, <r1=>0x0}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
keyctl$KEYCTL_MOVE(0x4, r5, r4, r4, 0x0)
keyctl$KEYCTL_MOVE(0x4, r3, r3, 0x0, 0x0)

31.354656ms ago: executing program 1 (id=6140):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x5)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x60000008})
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x2, 0x802, 0x28964712, 0xfff, 0x5, "1d4ab803374503053b00", 0x100, 0x6})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x101}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x6a1e)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r6=>0x0})
socket$can_raw(0x1d, 0x3, 0x1)
r7 = semget$private(0x0, 0x4, 0x410)
semctl$GETPID(r7, 0x3, 0xb, &(0x7f0000000140)=""/28)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0x6}, {0xffff, 0xfff9}, {0x1}}}, 0x24}}, 0x4)

7.366999ms ago: executing program 0 (id=6141):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)}, 0x17)

5.970729ms ago: executing program 7 (id=6142):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ipvlan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000000}, 0x40000) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0) (async)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x144, r3, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x110, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0x300}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x2b79}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xb4}, @NL802154_DEVKEY_ATTR_ID={0x40, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x10, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x80000000}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0x8c46d0479b597f44}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x9}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x8}, @NL802154_DEVKEY_ATTR_ID={0x88, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x34, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xee27}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x5}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8fd}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x144}, 0x1, 0x0, 0x0, 0x804}, 0x1) (async, rerun: 32)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff) (rerun: 32)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, r5, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xff}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x9}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x40) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r6, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x64, r1, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_SECCTX={0x25, 0x7, 'system_u:object_r:udev_exec_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:mount_exec_t:s0\x00'}]}, 0x64}}, 0x2804c800) (async, rerun: 32)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000700)=@nat={'nat\x00', 0x1b, 0x5, 0x3f8, 0x0, 0x188, 0xffffffff, 0xa8, 0xa8, 0x360, 0x360, 0xffffffff, 0x360, 0x360, 0x5, &(0x7f0000000680), {[{{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x19, @multicast1, @remote, @port=0x4e21, @icmp_id=0x68}}}}, {{@ip={@remote, @private=0xa010100, 0x0, 0xffffff00, 'nr0\x00', 'wlan1\x00', {}, {0xff}, 0x0, 0x3}, 0x0, 0x98, 0xe0, 0x0, {}, [@common=@inet=@socket2={{0x28}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@rand_addr=0x64010100, @port=0x4e20, @icmp_id=0x64}}}, {{@uncond, 0x0, 0xe8, 0x120, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "d007", 0x1}}, @common=@osf={{0x50}, {'syz1\x00', 0x0, 0x3, 0x0, 0x1}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x11, @empty, @dev={0xac, 0x14, 0x14, 0x3f}, @icmp_id=0x68, @icmp_id=0x67}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0xc, @ipv4=@local, @ipv4=@remote, @icmp_id=0x68, @icmp_id=0x68}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458) (async, rerun: 32)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000bc0), r0)
sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x68, r7, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x9}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xfffffffffffffffc}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x8840}, 0x4000000)
socket$can_bcm(0x1d, 0x2, 0x2) (async)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000d40), r0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r6, &(0x7f0000000e40)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x44, r8, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x4}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x1d4}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x6}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x9}]}, 0x44}, 0x1, 0x0, 0x0, 0x40091}, 0x8005)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000ec0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r9, &(0x7f0000000f80)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x24, r10, 0x101, 0x70bd28, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0x1}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x8080)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000fc0)={{0x1, 0x1, 0x18, <r11=>r9}, './file0\x00'})
sendmsg$kcm(r11, &(0x7f0000002540)={&(0x7f0000001000)=@pppoe={0x18, 0x0, {0x1, @empty, 'wlan0\x00'}}, 0x80, &(0x7f0000001280)=[{&(0x7f0000001080)="af4826ad73aef0fa9ffc6c480ba62e587583666bbebf801e0bc8e4e61054f32ac89196360bf7ee4f7ae77ab8853d796f437358eb5b23d89887392dbf67c979392d82ff02278c3df307de94e9754672a4c369cedd0765c4a96e8f168048120e315bf7835e3af9a270294b6fbaa38d96b17b27bbf371099f6416507ae317592356dab9b51c0829e235cdc32da033092a37c04b3721fac9282b3ff46939a2d29653c021b1bc894a9391183392caf2d078f107d52b", 0xb3}, {&(0x7f0000001140)="22e2c843109ece3fd1c02c158144535e1ce727251915b1132054eb9e19cad5", 0x1f}, {&(0x7f0000001180)="0e6e09df321c8526d8f47b0dd31a22f2ac32da8279e8ab982da6f82da1f9c538d85587ff852be6c8c3624d83591d8b6c00282cb56e580a096762fda377c659c7abd835dc948a6ec1f47f2a1c053e394ead643b6c2521782ba49c389050f63f8ffbbe82a3e43121f17ee40e212f08cf638e800213939b1e9ae30ef7e3e67070685d963c6757375fe4a43fce9325516a060519c815163b871abc1cf0308378c0b3776f16b03620bc03cb71e745090e17d127163f5df874972252ccf32680f9cc7e49fb99f5d4aaef8d7a470f7f7e0858e5e9a6374b205b31c053d20d1995d45cc14a6cd2e7019f0019657b4650a8", 0xed}], 0x3, &(0x7f00000012c0)=[{0x10, 0x11, 0x2}, {0xa8, 0x112, 0x1, "195b7a9057158278b6af1d0c864cffd8ba6eb14aa15e7dfb6e46b350e423e03f469fc87c89e5fa1ac0f160c107bf1df296e2257c93913890f0caf099434c62f247f98cfab5839a62e362a0a736876503b135776eb9a336519fd496d40bd6aa8e899e34c1a6e06550857b4b4103609d3a179cf64eb9cca812b46f437067b2119c01e74fcee20abc6a92d76b1064cadf470e8590d5670a"}, {0x20, 0x111, 0x85, "654fab5252fb2771c73a"}, {0x78, 0x114, 0xa6a, "e2a79f0a55d6a72771adc4a451cf1ab3beecd45cdde50e3c474fb2f6482416e542b1c67500277f5e2f8c8db8d73147123744850cba27767597507c41216eb85a480bbb4f61f3046088774ae789198cbb959fd1082bc7d79f44923bdc8f377c41deda5d01ef86a2ab"}, {0x20, 0x10e, 0x4, "bf90d051b5e9833ae2d42904185eec"}, {0x1010, 0x1e, 0x8, "06674d7798cf4e70111e50ae1540669820375c506334b00a6cc2c64206e6592477353762689e0e074a4ab424968b5f2266fd65bab0064f02303fdc439893687ff40bf0b630e0ad3331eb9e16e89aa674d27d4685549227b0cb8cf41eda095625fae1350aebe4e3a3f16601c2f91d960ccd0fa10de485458c4c3846361f0d696943460b91d39c35b58a2427496a99443c469c2bf3f2c5dc49685048b7df3e153dbae54a49a9a807b4bfd3ebbcf4226b5d96329b1bed286778c7721933d18fbfeb79f7abca17dab09a858813e8cca2219b828ed10c83eb0eb5859ac4c303383ba6fedd111644796db0dba1c32339575fef7210d9f64b9806912adfe1bb39f11fc30ea295764f15a788f5f252b03e62f37c6f81f8a58c1b47041f2f2bd6fb15192006d181feaee02f1f511f12ab66e7259fc340b2c04762b9cef8ab0bbce3b47df6058b7af84be99740cd20d91f90fb86af798006a639cb429096d292d59d4e9d58aa4aebff298ae3c7846260fff48498e0c32fa3dcea5035681f3da805239657ada9c35d5bda8d98f9fc90a8ade930a96a509214ee9b8f07c78cf5348c144ae053c1d77193fe9d532eefd8c517a1e0177e482034f59bfba42e26870e85ae1dbe590d2632123f4b6ccf5b6e112489a737e65d26bc4f1be6f46359715c70c5b1b05de2d140c855a701f4f737603ac32bb89ad68a6ac9ed75c180e82027cfde60ced487c38c1a17ba5160da359a301c2cf67f4c86ed7c0069a1631e95c35bdb053a92c001bdd434c49889e3f98c2cc681b7c471c844ee51c8e8752229ec972255ba345f5410037630e6f3b0ccd40fd441a1af5da8de0b0d2175864d7f38977df30f8c17c6f89e75883c54afe681a81504e6bd8f069a4f33da9550894ba467e54da90f15fb910b7bf9587fb3d3613f9082b9beab0e7e0e61298fc839d8d4404051b09e76414845ce48c238b32b0b1d26babeb3d0075dc625264d1fbbe4f7a020f70512607d2a20da7f9f9695274a07a244298b68af34179885d8b908a1a43131f2117a2c69b790ec509c7f8781bbc70a0aedf7fa0ec5338e31f16a4440ee4079d869727f20d31372f42a8153d3dc1bf249be640622de7a437e3218d3f4696bc0db186f76f7500456b00327eb327d8ffdfda0bc21920d40bf43791d23a8bd90650128b5a182de8868bf79c316e54d25ee82452d44384a5b9c7cc210d291870e01f305af52f21f2d21b5a96b789f3076fa706f7e0e0f6c85babc8c5b83dabc7cbd2f24ed8f1105483063fae66f9cf60b4e0aed6c50c7bcd96e34c7502bbe9045f30e78bf492507caf7f8695de812f8643cc600291e7ce7821110d9590b4601a96bc41268fdbc07865109edd2811ce3eb24b9d7c941035a15710fe8bed43d2d6d9efaf1d24fc60a0ea4307fd449b04f8d62db5d610c4157521ff3182974bc0dcf11eb5daecf6ca2c3d0e260e1420a578f209057b192b4166f0f1723500862598a39b0a2cc8b39351ec5b04e8e87e518f213f7c1759633476beb4b145d9848a24241ae5b838e625a63e7c138715483e280bb1d9bfe400b4cccfe293f61e33db52b86bc57cdf0d1536115eedc9c466cc2a43af87251353f6f1f96c318c8003bfa0b7b3503307fcbe4a14952457055100782fe75f395b6d3ff561118d81c0f5c331960093f4cc060cb32095428781d00ce648795bed667273115eb6d7eb6dc20aa75584b5317f0171b5c0a4d65883f8cee17ae5281a16e970b3b61e659771e2683c939cdc9edc4d30fd50ec98f9b92357dbdf058b89de1cdd46c3734f8b8ad1df190de1279d3a35586259be22ccb5580da3389cf9e2db62c32c8ea1e011bc539aa788725a3b72ebdd5f0efaeadb977536afccf623c0a7cbf50cda39d69562f2c164ae52472eede4dc333bc88ca9cde540fac4c2ea655925395e894d92b7cb243c45b5924901b1f141fbec028aa9335bf59a87444215eefcf4b96e04807b090b0d8837f5267e9498544c6d09aea04fa7dcbf8081bf224c28d0ba3e5c270681812a06d84262a9518955c67158adbef025c82229ca53684840abb68aecc65fa0aa50ed0588d4410c9865553ca95d8f7560d97a5e5c7c961275c9cd51997a8e963fc09ab46d34011b273e03b9e5bccc9131431d2d4263a19b581ac7d0ad51abb5a227b70cc691702c2e997cb64a191e1cba6822d57df3b984f8ad89736743c3711562a45f79c379ce9bdb383d2d7f18337a925cf315fefe4ba89d24600d86d81f7a5c108f7c1358bd187cdf5fd2272b2077fb9782643867f2f35a0e327d4b13f58eb232097a9dd75c1341766caf4ba6e860ad3e4ecb1d523cf35842ed6e478b3f58e4a92581610ac9725ed11462ed68e95a9a2eb7a41c8fd1d90f12f11e4f7834c9dc00da6639f80871cf0f3651d34c5ecfa935c8b20256ba164615b9055ecbe2db78708def3722655d76cd1568b69ac67cd4948c8cbde7a4f38a6eb16e35dd932511812dbe9f7482d0bfde5285f07fef96b7f08203969f7e5b2caf1537678dc26472d91db1372fa7980b3b6d2324e37bb298702058a3f7e2af4fe8339e3586e02761bda78aaf72baf6be6e3e49bfd7bc4ff6dd898793ea634f4f9146a2b4e0fa9bb735e9cfb4cb4b7c95ee0109073ffb77462b161b05e1759a5f3052af6db20cff80f988b9f1629d4b65b3cc6539f06bf321fadf036d694a1f4fd0184cc0f80a831825a0a8f6804e0a42673dc839df0065f8b19f595218d6be8f291afaf8506baabf48810ec30a64be0c3adb7dc81d6d75b490d3c4cb931d41d0584cc9199e608b156ed801c3b447fc02322843be8227e865ffc4cff5262f5a16e4c195d3bfa5c3f50c99b30b528ff93ff768501e75757fe49212ecd0eb9d638afe2a898c71f109ad8042e4bcf818c4219e07c2e667a39a869c9371298f70535e96182372c58ddc9f9df904a9a09057f47c91811daaf7b991c01a2420c1e874b40007a8d856078ceabb3abd98bf01a142f977036f56223da8e4784d7140135634769b62a4bce2133e42e1a78b32100f17158a7bbd8a7c652266677c63866b3ad4d92b0028bb15cea78174a27d2c0525477cfd9764f4729cd00b4bafa74238db3eb274b49059495c76882da2b20f31439ddf0b322628c8574241acb966b5fdcecc4eb81691bd9c2fb7ce1b61ac17b66eb83d07987ff20f1db95429e563f0b7903eef906fcefddb0c819b8135dace987e3b2b57befecd0a4ff2bca0b632dd2b8f1c3105b7d8433f4170cf085cd4e95d6c72c14ffdd5eb41aa3f7642453b670e5ee9daa3669ed9332c1b047bda938edcf72063fedece494252612c2aa6fc4e942ab6b5eac76eb0d0094acf7ea9a8b39298531695f828b7fccf7d6cced14d070a2e506830ee8131ca9516c6a5bf7d28d82e819199b046206f7a836eab85af7dd15ff74aa3bff2adb1de12c9f116ff2e7d19a90322ead7e4fb1cac2119088ce06b44b69e1fa2785f9039c2c9daf06ae2bedec93fbb7bf49bd08f879c93238427a98073e07e68f423285950cb0bae2c0401537288a3e2170db0ce1a96c188dae636f63ed089d8907a8527436a0d2075b20b0a076cb7ca3edf53c3ce10f4d34ea17d17a74616400f5a67c98883bb73b0a79b37c9e7beddc535c8f3e25483c3fff22b2dc4cf8a699c467657090788060983530081021e61e8c6c1a92bdfd470f0c2e8e3dbf1f9d28e641d375f0aef26097c47d4122f05f94ce420c4ab6dac5f8546172d967d90227a19c1aa5fb0517bc965cb3bcc683b274634cc4131ba37cf3eed7c26b4a9c51c85c3fd0f188c6355364fd5d5cc88dbc15aea67439e3cee11d8d7933129a0bc0b30ef61d5d7d6eea1b79e91be4e3d918f08aa9d491e4b074c408e38f34564a26038d6bf0ed279441e559426b0a5fe5c3bf360884abfb8476f24874ee63cad88cc9d2cdc585f8f494eb4e00b7e732c67eecd030765229f09b462ae8d39bc7c215823883bda4bebc3a6e27fe50af6a2883c78c7b1ba1b353d2239ae665776720e408b615570c20db62feba660e36acc580a6bab543fbb32fcec06b11391e02171ed5fb3c34334ad05af3f9941241f23a0f89f98a40ff40fb1220324fb540527d6ee4c8c25a183a3ca8138e2a289eee67b760dbbc4011092058ce2c7b4b5066fceda008950e755bd84db5e0bd4ac8ab3788365d8266e3b33335f93ca6a8c8ba7504a723af3b2031ce686d57b7ff657bfa8d4c32dbedf4296a83bb8c1cce2168f1c12c0c33fb40fb3fa846518bcba94ef24e880a841426d8dfef39c36f42e0b59be5ee9a54eab04b0cf468da1a0e7f96f8860a1984978897897c62f2024b20c92dee03e6d4cda2efd9f7497118d567977f815e3f407b376df1f47de9c0068fb651b8c6f9111028516d359264b01e8d02a54155e4c2f70178396910612ac9fc3e494e874e0c29799c853629e01bb2afea7eba0ccb387916439805450bcb0e86a2573b05307623c83bf8371c99e6cc54bb3f59c14057017f60777ca8364007759794017bc7412cd1898a80f0045c845b724c1a790c2227cb72a2e859e46ffb09e849606f7730f75691a593ccbebae7cbb91a09d2ea2ff9f2fbf6c6bdcec990663f7d212fe94c80e9f9412719173fd894a51a662478d14716e47832961e14f61645a0baabc8da769cec0d32533621cb0a6e71b193940f8ecd7f2c2a81e20e2ca98a57ab950137e115f681a5f54c0de72ffae11e78adba66b153639d002c014d2bb1bd820fc92f2ea2cbafd74ec054cb66747910eece7ebd0cadc8607e065213e8668e6f1422a948f0f50c24b7111911fcc2bc361fb8c45e526a37cb6112b3b77972ff01f38f88dd37d27e072d445c7a79af261fc7804b17d61c0d1bd102ff5d3374a04810d79863215bc375370e4477b33a173abb300a3de000584aec023d7b8672902216b64156719ccd96e1eef6b0ee44f7d25afab8303852a3c6c61c73fa394827fed1954547332fa30a55e7f7677ecef6ddfcec295d8a0a520f539562903f9192ba6eba8646a2ef312d135468dda24dced6172d2ebd29cf21076ff9dfe9867f7219d443d030bf9be8998138e173a8a318a3de70ee2b0a80793d32121a2f4f20bc0e2baca8fa61f1fba9ef8bf8aa9b1dff468c94de550682bae99abd023580015a67ab43b82e0818a1313a9815d1aae0ed998899ba32df7a726f16ba5d3ada2ab1c01cf486664d2b62803d79e81b4ef9f45e40330bbf4b28c7fbf0ed4aeb30ca67ec18d991746944519f8082208d5fd9b6f62cd2cf9adc5bc5d3d761d840b5fd889e88c85a84d96537812a08b4ed65052d9ded4f2f57990aa112a1acfc7d53467ffc03d01d806b3089bf60ace8c7b678a2e93f2996c5a8aaab4b4095ef6cff12cf71a53e18fbe7148a4314b019be028cac0bc790e152b844d88b11835072c5ebae3e4d4824854fcf63eec629e0aaa3a1894404033cc32bb662a5684ac948b226c4488c2bf1d8254ca7935471eaafd46a87e186fcf3bfdfda2492c803820ef03bd8ab0e670a7a4214b50d1fbb890da3f2b2edfcbad186ae3542221349c5be5c018c829ac07acf28611f67bb23a28c34bc48296dd75a38b9b1c962ad3ec613cc0c7b03286f62ad8bfbff15bb45b8b060aadb56bb96979d2131a4d0a6d39608f3ee48cb19d61bbf8fe97f7de5f072d4037134a8574c27adee11319894dec02e5f6406202c752c662a1712ce57fd27752c7a65477d4ee8f49d784c5bc25f091b3c57c0b2c0d78db8206b20e259850ca2a7164d8ba2af7bf9fb3f5e7745512ba03193aec2c208e653ef86daba7a0734"}, {0xe8, 0x118, 0x8, "f295290a3a241af3ca9f5ada494b6ff2cfc0b78d60b24717a804c134b6897be2775cfa28b7022a416625f59b0d4295af110737e630e1245cbf12f0d83d24334a631b2507ffa5108c160c8731cceb912297cfc45bf5bc6e6275a56af389eb854fa29e517ad652f2adf0ca73d615d2bc29b55bb8eda6e96131cc52089706c5683045e49ad3bd7a39b2ba11869974c59fb6c262df69bba440e9e087d164d308fa3901599537422b4cffb431519cddb375d851926f117cf90e2753c247543735778ff11202bca1e9574094677d200fc25138ef18ccdde2ec69"}], 0x1268}, 0x40) (async)
sendmsg$NLBL_MGMT_C_ADD(r6, &(0x7f0000002640)={&(0x7f0000002580)={0x10, 0x0, 0x0, 0x10100}, 0xc, &(0x7f0000002600)={&(0x7f00000025c0)={0x28, r7, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, 'icmp\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) (async, rerun: 32)
r12 = syz_genetlink_get_family_id$nbd(&(0x7f00000026c0), r6) (async, rerun: 32)
r13 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000002700), 0x7e33c0, 0x0)
r14 = dup(r11)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002740)={<r15=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f0000002840)={&(0x7f0000002680)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000002800)={&(0x7f0000002780)={0x54, r12, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x40, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r13}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r11}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r14}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r11}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r15}}]}]}, 0x54}}, 0x8010) (async)
bind$inet6(r14, &(0x7f0000002880)={0xa, 0x4e21, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c)
sendmsg$NL80211_CMD_DISCONNECT(r9, &(0x7f0000002a00)={&(0x7f00000028c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000029c0)={&(0x7f0000002940)={0x58, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x9, 0x19}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x20}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_REASON_CODE={0x6}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x21}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3e}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x35}]}, 0x58}, 0x1, 0x0, 0x0, 0x41}, 0x20040000)

0s ago: executing program 4 (id=6143):
bpf$MAP_LOOKUP_ELEM(0x4, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89a0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403, 0x2af0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
writev(r6, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a300000009b5400030062930f94ec"], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

kernel console output (not intermixed with test programs):

YSCALL_64_after_hwframe+0x77/0x7f
[  656.144884][T21288] RIP: 0033:0x7fb8ba00eec9
[  656.144900][T21288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.144924][T21288] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  656.144949][T21288] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  656.144965][T21288] RDX: 0000000000001b86 RSI: 0000000000002241 RDI: 0000000000000004
[  656.144977][T21288] RBP: 00007fb8b8a6f090 R08: 00002000000001c0 R09: 0000000000000008
[  656.144989][T21288] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  656.145001][T21288] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  656.145109][T21288]  </TASK>
[  656.984268][T21317] loop7: detected capacity change from 0 to 1024
[  656.993379][T21317] EXT4-fs: Ignoring removed orlov option
[  657.010365][T21317] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  657.050186][T21322] loop0: detected capacity change from 0 to 1024
[  657.063215][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.074284][T21322] EXT4-fs: Ignoring removed orlov option
[  657.100095][T21322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  657.151697][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.268524][T21333] loop4: detected capacity change from 0 to 512
[  657.299275][T21333] vfat: Bad value for 'uni_xlate'
[  657.337896][T21336] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5443'.
[  657.361595][T21333] vhci_hcd: invalid port number 96
[  657.366770][T21333] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  657.375506][T21333] sd 0:0:1:0: device reset
[  659.546749][T21425] loop4: detected capacity change from 0 to 512
[  659.553992][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  659.554007][   T29] audit: type=1326 audit(1760552840.776:19075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  659.583876][   T29] audit: type=1326 audit(1760552840.776:19076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  659.642204][T21425] vfat: Bad value for 'uni_xlate'
[  659.681847][T21425] vhci_hcd: invalid port number 96
[  659.687022][T21425] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  659.691954][   T29] audit: type=1326 audit(1760552840.826:19077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8ba00d710 code=0x7ffc0000
[  659.717854][   T29] audit: type=1326 audit(1760552840.826:19078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8ba00d710 code=0x7ffc0000
[  659.741652][   T29] audit: type=1326 audit(1760552840.826:19079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  659.745487][T21442] sd 0:0:1:0: device reset
[  659.765635][   T29] audit: type=1326 audit(1760552840.826:19080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21427 comm="syz.7.5457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  659.893890][T21449] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21449 comm=syz.7.5460
[  659.988109][T21459] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5463'.
[  660.027694][T21459] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5463'.
[  660.100023][T21459] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5463'.
[  660.287364][T21485] loop0: detected capacity change from 0 to 1024
[  660.300663][T21492] loop7: detected capacity change from 0 to 512
[  660.301843][T21485] EXT4-fs: Ignoring removed orlov option
[  660.313555][T21492] vfat: Bad value for 'uni_xlate'
[  660.330871][T21485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  660.376706][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.384350][T21492] vhci_hcd: invalid port number 96
[  660.390816][T21492] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  660.398517][T21492] sd 0:0:1:0: device reset
[  660.507909][   T29] audit: type=1326 audit(1760552841.726:19081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21502 comm="syz.0.5475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  660.537494][   T29] audit: type=1326 audit(1760552841.756:19082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21502 comm="syz.0.5475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  660.561249][   T29] audit: type=1326 audit(1760552841.756:19083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21502 comm="syz.0.5475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  660.584976][   T29] audit: type=1326 audit(1760552841.756:19084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21502 comm="syz.0.5475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  660.641079][T21510] FAULT_INJECTION: forcing a failure.
[  660.641079][T21510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  660.654432][T21510] CPU: 0 UID: 0 PID: 21510 Comm: syz.0.5477 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  660.654505][T21510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  660.654522][T21510] Call Trace:
[  660.654528][T21510]  <TASK>
[  660.654534][T21510]  __dump_stack+0x1d/0x30
[  660.654555][T21510]  dump_stack_lvl+0xe8/0x140
[  660.654574][T21510]  dump_stack+0x15/0x1b
[  660.654589][T21510]  should_fail_ex+0x265/0x280
[  660.654643][T21510]  should_fail+0xb/0x20
[  660.654684][T21510]  should_fail_usercopy+0x1a/0x20
[  660.654711][T21510]  _copy_from_user+0x1c/0xb0
[  660.654742][T21510]  ___sys_sendmsg+0xc1/0x1d0
[  660.654853][T21510]  __x64_sys_sendmsg+0xd4/0x160
[  660.654974][T21510]  x64_sys_call+0x191e/0x3000
[  660.655001][T21510]  do_syscall_64+0xd2/0x200
[  660.655031][T21510]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  660.655112][T21510]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  660.655140][T21510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.655167][T21510] RIP: 0033:0x7f57a182eec9
[  660.655204][T21510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.655280][T21510] RSP: 002b:00007f57a028f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  660.655299][T21510] RAX: ffffffffffffffda RBX: 00007f57a1a85fa0 RCX: 00007f57a182eec9
[  660.655311][T21510] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  660.655323][T21510] RBP: 00007f57a028f090 R08: 0000000000000000 R09: 0000000000000000
[  660.655339][T21510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.655355][T21510] R13: 00007f57a1a86038 R14: 00007f57a1a85fa0 R15: 00007ffcc66ca858
[  660.655393][T21510]  </TASK>
[  661.143448][T21523] loop4: detected capacity change from 0 to 512
[  661.156949][T21523] vfat: Bad value for 'uni_xlate'
[  661.460417][T21526] loop7: detected capacity change from 0 to 512
[  661.657037][T21526] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  661.706733][T21523] vhci_hcd: invalid port number 96
[  661.711996][T21523] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  661.741480][T21523] sd 0:0:1:0: device reset
[  661.797678][T21539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5486'.
[  661.853747][T21539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5486'.
[  661.888490][T21539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5486'.
[  661.911603][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  662.035211][T21560] loop4: detected capacity change from 0 to 1024
[  662.046233][T21567] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21567 comm=syz.0.5492
[  662.061630][T21560] EXT4-fs: Ignoring removed orlov option
[  662.094347][T21560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  662.155604][T21581] loop1: detected capacity change from 0 to 128
[  662.176640][T12203] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  662.206581][T21581] bio_check_eod: 66 callbacks suppressed
[  662.206598][T21581] syz.1.5496: attempt to access beyond end of device
[  662.206598][T21581] loop1: rw=2049, sector=154, nr_sectors = 6 limit=128
[  662.248077][T21581] syz.1.5496: attempt to access beyond end of device
[  662.248077][T21581] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128
[  662.261610][T21581] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  662.300656][T21581] syz.1.5496: attempt to access beyond end of device
[  662.300656][T21581] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128
[  662.314303][T21581] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  662.427867][T21580] syz.1.5496: attempt to access beyond end of device
[  662.427867][T21580] loop1: rw=2049, sector=162, nr_sectors = 88 limit=128
[  662.477381][T21580] syz.1.5496: attempt to access beyond end of device
[  662.477381][T21580] loop1: rw=2049, sector=138, nr_sectors = 12 limit=128
[  662.842047][T21632] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21632 comm=syz.6.5506
[  663.106304][T21638] loop1: detected capacity change from 0 to 128
[  664.150167][T21674] loop1: detected capacity change from 0 to 1024
[  664.158189][T21674] EXT4-fs: Ignoring removed orlov option
[  664.168302][T21674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  664.208795][T21678] loop4: detected capacity change from 0 to 256
[  664.270338][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.504231][T21690] program syz.4.5531 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  664.637430][T21698] loop6: detected capacity change from 0 to 512
[  664.659918][T21698] vfat: Bad value for 'uni_xlate'
[  664.742383][T21698] vhci_hcd: invalid port number 96
[  664.747590][T21698] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  664.784950][T21698] sd 0:0:1:0: device reset
[  664.793508][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  664.793525][   T29] audit: type=1326 audit(1760552846.016:19240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  664.840921][   T29] audit: type=1326 audit(1760552846.046:19241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  664.864600][   T29] audit: type=1326 audit(1760552846.046:19242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa9a242d710 code=0x7ffc0000
[  664.888296][   T29] audit: type=1326 audit(1760552846.046:19243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa9a242d710 code=0x7ffc0000
[  664.911958][   T29] audit: type=1326 audit(1760552846.046:19244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  664.935546][   T29] audit: type=1326 audit(1760552846.046:19245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  664.959340][   T29] audit: type=1326 audit(1760552846.046:19246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  664.982982][   T29] audit: type=1326 audit(1760552846.046:19247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21699 comm="syz.4.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  665.040985][T21706] loop6: detected capacity change from 0 to 1024
[  665.072381][T21706] EXT4-fs: Ignoring removed orlov option
[  665.091174][   T29] audit: type=1326 audit(1760552846.246:19248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21703 comm="syz.4.5539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  665.099405][T21706] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  665.114972][   T29] audit: type=1326 audit(1760552846.246:19249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21703 comm="syz.4.5539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9a242eec9 code=0x7ffc0000
[  665.153948][T21710] loop4: detected capacity change from 0 to 512
[  665.172752][T21705] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.194498][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.203824][T21710] EXT4-fs (loop4): first meta block group too large: 100663296 (group descriptor block count 1)
[  665.285866][T21713] loop0: detected capacity change from 0 to 128
[  665.424226][T21705] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.514866][T21705] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.611301][T21705] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.733364][  T314] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  665.802575][  T314] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  665.842053][  T314] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  665.850464][  T314] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  665.879542][T21723] loop7: detected capacity change from 0 to 1024
[  665.888724][T21723] EXT4-fs: Ignoring removed orlov option
[  665.912839][T21723] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  665.973594][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.099259][T21743] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21743 comm=syz.7.5551
[  666.120542][T21745] syzkaller1: entered promiscuous mode
[  666.122274][T21711] syz.0.5541: attempt to access beyond end of device
[  666.122274][T21711] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128
[  666.126094][T21745] syzkaller1: entered allmulticast mode
[  666.320935][T21761] loop6: detected capacity change from 0 to 128
[  666.336390][T21755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5557'.
[  666.938808][T21783] loop0: detected capacity change from 0 to 128
[  666.948043][T21784] FAULT_INJECTION: forcing a failure.
[  666.948043][T21784] name failslab, interval 1, probability 0, space 0, times 0
[  666.960788][T21784] CPU: 0 UID: 0 PID: 21784 Comm: syz.6.5563 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  666.960814][T21784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  666.960851][T21784] Call Trace:
[  666.960860][T21784]  <TASK>
[  666.960870][T21784]  __dump_stack+0x1d/0x30
[  666.960896][T21784]  dump_stack_lvl+0xe8/0x140
[  666.960923][T21784]  dump_stack+0x15/0x1b
[  666.960974][T21784]  should_fail_ex+0x265/0x280
[  666.961021][T21784]  should_failslab+0x8c/0xb0
[  666.961106][T21784]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  666.961217][T21784]  ? dup_task_struct+0x70/0x6b0
[  666.961256][T21784]  dup_task_struct+0x70/0x6b0
[  666.961308][T21784]  ? _parse_integer+0x27/0x40
[  666.961420][T21784]  copy_process+0x399/0x2000
[  666.961455][T21784]  ? kstrtouint+0x76/0xc0
[  666.961558][T21784]  ? kstrtouint_from_user+0x9f/0xf0
[  666.961605][T21784]  ? __rcu_read_unlock+0x4f/0x70
[  666.961679][T21784]  kernel_clone+0x16c/0x5c0
[  666.961715][T21784]  ? vfs_write+0x7e8/0x960
[  666.961739][T21784]  __x64_sys_clone+0xe6/0x120
[  666.961775][T21784]  x64_sys_call+0x119c/0x3000
[  666.961877][T21784]  do_syscall_64+0xd2/0x200
[  666.961976][T21784]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  666.962011][T21784]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  666.962112][T21784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.962203][T21784] RIP: 0033:0x7f2d581aeec9
[  666.962221][T21784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.962246][T21784] RSP: 002b:00007f2d56bccfe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[  666.962272][T21784] RAX: ffffffffffffffda RBX: 00007f2d58406180 RCX: 00007f2d581aeec9
[  666.962285][T21784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  666.962297][T21784] RBP: 00007f2d56bcd090 R08: 0000000000000000 R09: 0000000000000000
[  666.962310][T21784] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  666.962321][T21784] R13: 00007f2d58406218 R14: 00007f2d58406180 R15: 00007ffd1df53be8
[  666.962419][T21784]  </TASK>
[  667.258358][T21783] syz.0.5566: attempt to access beyond end of device
[  667.258358][T21783] loop0: rw=2049, sector=154, nr_sectors = 6 limit=128
[  667.290027][T21783] syz.0.5566: attempt to access beyond end of device
[  667.290027][T21783] loop0: rw=2049, sector=158, nr_sectors = 2 limit=128
[  667.303555][T21783] Buffer I/O error on dev loop0, logical block 79, lost async page write
[  667.317110][T21783] syz.0.5566: attempt to access beyond end of device
[  667.317110][T21783] loop0: rw=2049, sector=160, nr_sectors = 2 limit=128
[  667.330618][T21783] Buffer I/O error on dev loop0, logical block 80, lost async page write
[  667.444878][T21782] syz.0.5566: attempt to access beyond end of device
[  667.444878][T21782] loop0: rw=524288, sector=154, nr_sectors = 8 limit=128
[  667.461566][T21782] syz.0.5566: attempt to access beyond end of device
[  667.461566][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  667.474924][T21782] syz.0.5566: attempt to access beyond end of device
[  667.474924][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  667.488217][T21782] syz.0.5566: attempt to access beyond end of device
[  667.488217][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  667.501568][T21782] syz.0.5566: attempt to access beyond end of device
[  667.501568][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  667.686545][T21782] syz.0.5566: attempt to access beyond end of device
[  667.686545][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  667.744494][T21800] loop6: detected capacity change from 0 to 256
[  667.812123][T21782] syz.0.5566: attempt to access beyond end of device
[  667.812123][T21782] loop0: rw=0, sector=154, nr_sectors = 8 limit=128
[  668.138294][T21818] loop0: detected capacity change from 0 to 1024
[  668.147973][T21818] EXT4-fs: Ignoring removed orlov option
[  668.197100][T21818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  668.262850][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.272119][T21825] loop6: detected capacity change from 0 to 512
[  668.282733][T21825] vfat: Bad value for 'uni_xlate'
[  668.340042][T21827] loop0: detected capacity change from 0 to 128
[  668.361667][T21825] vhci_hcd: invalid port number 96
[  668.366820][T21825] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  668.388317][T21825] sd 0:0:1:0: device reset
[  668.620164][T21844] loop6: detected capacity change from 0 to 1024
[  668.639006][T21844] EXT4-fs: Ignoring removed orlov option
[  668.668879][T21844] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  668.823106][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.894411][T21856] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  669.030968][T21859] loop6: detected capacity change from 0 to 128
[  669.081021][T21856] netlink: 'syz.7.5593': attribute type 30 has an invalid length.
[  669.090466][T21856] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.288402][T21868] program syz.6.5598 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  669.757430][T21904] loop7: detected capacity change from 0 to 128
[  669.892306][T21916] program syz.7.5617 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  670.632631][   T29] kauditd_printk_skb: 39 callbacks suppressed
[  670.632650][   T29] audit: type=1326 audit(1760552851.856:19289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  670.662948][   T29] audit: type=1326 audit(1760552851.856:19290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8ba00d710 code=0x7ffc0000
[  670.686581][   T29] audit: type=1326 audit(1760552851.856:19291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8ba00d710 code=0x7ffc0000
[  670.714635][   T29] audit: type=1326 audit(1760552851.856:19292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  670.738288][   T29] audit: type=1326 audit(1760552851.856:19293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  670.761928][   T29] audit: type=1326 audit(1760552851.856:19294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21939 comm="syz.7.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ba00eec9 code=0x7ffc0000
[  670.797613][T21942] loop7: detected capacity change from 0 to 1024
[  670.806898][T21942] EXT4-fs: Ignoring removed orlov option
[  670.817313][T21942] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  670.868314][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.986560][T21952] loop1: detected capacity change from 0 to 1024
[  671.004761][T21952] EXT4-fs: Ignoring removed orlov option
[  671.016367][T21952] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  671.097563][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.109740][T21955] loop7: detected capacity change from 0 to 128
[  671.169610][T21958] program syz.1.5633 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  671.205716][   T29] audit: type=1326 audit(1760552852.426:19295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21961 comm="syz.6.5635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  671.229421][   T29] audit: type=1326 audit(1760552852.426:19296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21961 comm="syz.6.5635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  671.268397][   T29] audit: type=1326 audit(1760552852.476:19297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21961 comm="syz.6.5635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d581ad710 code=0x7ffc0000
[  671.292034][   T29] audit: type=1326 audit(1760552852.476:19298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21961 comm="syz.6.5635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d581ad710 code=0x7ffc0000
[  671.914929][T21976] loop6: detected capacity change from 0 to 512
[  671.944967][T21976] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  672.949839][T21995] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21995 comm=syz.0.5647
[  673.035939][T21999] loop7: detected capacity change from 0 to 512
[  673.091746][T21999] vfat: Bad value for 'uni_xlate'
[  673.114099][T22004] loop0: detected capacity change from 0 to 128
[  673.152068][T21999] vhci_hcd: invalid port number 96
[  673.157238][T21999] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  673.166973][T22009] loop1: detected capacity change from 0 to 1024
[  673.174524][T22009] EXT4-fs: Ignoring removed nobh option
[  673.180203][T22009] EXT4-fs: Ignoring removed bh option
[  673.186817][T21999] sd 0:0:1:0: device reset
[  673.222961][T22009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  673.338999][T22009] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  673.369949][T22018] loop0: detected capacity change from 0 to 1024
[  673.381948][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.403601][T22018] EXT4-fs: Ignoring removed orlov option
[  673.425606][T22018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  673.496039][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.508523][T22029] loop7: detected capacity change from 0 to 128
[  673.586052][T22029] bio_check_eod: 59 callbacks suppressed
[  673.586072][T22029] syz.7.5660: attempt to access beyond end of device
[  673.586072][T22029] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  673.605583][T22029] syz.7.5660: attempt to access beyond end of device
[  673.605583][T22029] loop7: rw=2049, sector=169, nr_sectors = 24 limit=128
[  673.619335][T22029] syz.7.5660: attempt to access beyond end of device
[  673.619335][T22029] loop7: rw=2049, sector=201, nr_sectors = 8 limit=128
[  673.634703][T22029] syz.7.5660: attempt to access beyond end of device
[  673.634703][T22029] loop7: rw=2049, sector=217, nr_sectors = 8 limit=128
[  673.648409][T22029] syz.7.5660: attempt to access beyond end of device
[  673.648409][T22029] loop7: rw=2049, sector=233, nr_sectors = 8 limit=128
[  673.663428][T22029] syz.7.5660: attempt to access beyond end of device
[  673.663428][T22029] loop7: rw=2049, sector=249, nr_sectors = 8 limit=128
[  673.687252][T22038] syz.7.5660: attempt to access beyond end of device
[  673.687252][T22038] loop7: rw=2049, sector=297, nr_sectors = 80 limit=128
[  673.702402][T22029] syz.7.5660: attempt to access beyond end of device
[  673.702402][T22029] loop7: rw=2049, sector=265, nr_sectors = 8 limit=128
[  673.718847][T22038] syz.7.5660: attempt to access beyond end of device
[  673.718847][T22038] loop7: rw=2049, sector=385, nr_sectors = 8 limit=128
[  673.739294][T22029] syz.7.5660: attempt to access beyond end of device
[  673.739294][T22029] loop7: rw=2049, sector=281, nr_sectors = 9 limit=128
[  673.766980][T22036] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5660'.
[  673.776001][T22036] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5660'.
[  674.018987][T22048] loop7: detected capacity change from 0 to 256
[  674.149335][T22061] loop0: detected capacity change from 0 to 128
[  674.178830][T22066] loop7: detected capacity change from 0 to 128
[  674.190953][T22063] loop1: detected capacity change from 0 to 1024
[  674.219469][T22063] EXT4-fs: Ignoring removed orlov option
[  674.258365][T22063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  674.302817][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.500723][T22097] loop1: detected capacity change from 0 to 1024
[  674.510169][T22097] EXT4-fs: Ignoring removed nobh option
[  674.515997][T22097] EXT4-fs: Ignoring removed bh option
[  674.541494][T22097] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  674.564564][T22103] loop7: detected capacity change from 0 to 128
[  674.584282][T22103] Buffer I/O error on dev loop7, logical block 79, lost async page write
[  674.586414][T22097] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  674.593206][T22103] Buffer I/O error on dev loop7, logical block 80, lost async page write
[  674.610776][T22103] Buffer I/O error on dev loop7, logical block 83, lost async page write
[  674.619363][T22103] Buffer I/O error on dev loop7, logical block 84, lost async page write
[  674.628476][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.631673][T22103] Buffer I/O error on dev loop7, logical block 95, lost async page write
[  674.646408][T22103] Buffer I/O error on dev loop7, logical block 96, lost async page write
[  674.707510][T22108] loop1: detected capacity change from 0 to 1024
[  674.720792][T22108] EXT4-fs: Ignoring removed orlov option
[  674.729840][T22108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  674.753918][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.777387][T22112] loop1: detected capacity change from 0 to 512
[  674.784887][T22112] vfat: Bad value for 'uni_xlate'
[  674.822088][T22112] vhci_hcd: invalid port number 96
[  674.827347][T22112] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  674.835355][T22112] sd 0:0:1:0: device reset
[  674.843991][T22116] program syz.7.5693 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  675.118871][T22131] loop7: detected capacity change from 0 to 512
[  675.172914][T22135] loop0: detected capacity change from 0 to 256
[  675.225014][T22142] program syz.7.5703 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  675.310864][T22145] loop0: detected capacity change from 0 to 128
[  675.324668][T22145] Buffer I/O error on dev loop0, logical block 79, lost async page write
[  675.334294][T22145] Buffer I/O error on dev loop0, logical block 80, lost async page write
[  675.343614][T22145] Buffer I/O error on dev loop0, logical block 83, lost async page write
[  675.352296][T22145] Buffer I/O error on dev loop0, logical block 84, lost async page write
[  675.528524][T22160] loop0: detected capacity change from 0 to 128
[  675.567551][T22164] loop0: detected capacity change from 0 to 128
[  675.672262][T22168] loop1: detected capacity change from 0 to 128
[  675.855247][T22179] loop4: detected capacity change from 0 to 128
[  675.918572][T22186] program syz.0.5723 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  675.974190][T22192] loop1: detected capacity change from 0 to 128
[  676.089709][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  676.089729][   T29] audit: type=1326 audit(1760552857.306:19375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.139571][   T29] audit: type=1326 audit(1760552857.316:19376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.163344][   T29] audit: type=1326 audit(1760552857.316:19377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.187637][   T29] audit: type=1326 audit(1760552857.316:19378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.211378][   T29] audit: type=1326 audit(1760552857.316:19379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.235128][   T29] audit: type=1326 audit(1760552857.316:19380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.258800][   T29] audit: type=1326 audit(1760552857.316:19381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.278353][T22205] loop0: detected capacity change from 0 to 1024
[  676.282584][   T29] audit: type=1326 audit(1760552857.316:19382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.312562][   T29] audit: type=1326 audit(1760552857.316:19383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.336146][   T29] audit: type=1326 audit(1760552857.316:19384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22200 comm="syz.0.5730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  676.338491][T22205] EXT4-fs: Ignoring removed orlov option
[  676.438866][T22220] program syz.1.5738 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  676.456064][T22205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.529394][T22228] loop7: detected capacity change from 0 to 1024
[  676.540990][T22228] EXT4-fs: Ignoring removed orlov option
[  676.541050][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.577395][T22233] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5743'.
[  676.605156][T22228] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.618452][T22233] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5743'.
[  676.633018][T22236] loop6: detected capacity change from 0 to 256
[  676.667049][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.706311][T22233] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5743'.
[  676.750341][T22252] loop1: detected capacity change from 0 to 1024
[  676.787694][T22252] EXT4-fs: Ignoring removed nobh option
[  676.793474][T22252] EXT4-fs: Ignoring removed bh option
[  676.819628][T22252] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.848655][T22268] loop4: detected capacity change from 0 to 1024
[  676.868624][T22252] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  676.868903][T22268] EXT4-fs: Ignoring removed orlov option
[  676.918467][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.929392][T22268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.945152][T22276] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5759'.
[  676.956981][T22277] program syz.7.5758 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  676.980819][T12203] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.988517][T22276] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5759'.
[  677.036186][T22276] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5759'.
[  677.047006][T22287] loop1: detected capacity change from 0 to 1024
[  677.055245][T22287] EXT4-fs: Ignoring removed nobh option
[  677.060855][T22287] EXT4-fs: Ignoring removed bh option
[  677.087728][T22287] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  677.154064][T22287] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  677.188886][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  677.283560][T22306] loop7: detected capacity change from 0 to 1024
[  677.309876][T22305] loop1: detected capacity change from 0 to 512
[  677.316711][T22305] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  677.329334][T22306] EXT4-fs: Ignoring removed bh option
[  677.334806][T22306] EXT4-fs: Ignoring removed bh option
[  677.340278][T22306] EXT4-fs: Ignoring removed i_version option
[  677.346344][T22306] EXT4-fs: inline encryption not supported
[  677.388893][T22306] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  677.425190][T22306] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  677.433411][T22306] System zones: 0-1, 3-12
[  677.447653][T22310] loop6: detected capacity change from 0 to 512
[  677.457066][T22310] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  677.469056][T22306] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #3: block 1: comm syz.7.5764: lblock 1 mapped to illegal pblock 1 (length 1)
[  677.531580][T22306] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.5764: Failed to acquire dquot type 0
[  677.594954][T22306] EXT4-fs error (device loop7): ext4_free_blocks:6706: comm syz.7.5764: Freeing blocks not in datazone - block = 0, count = 4096
[  677.698625][T22306] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.5764: Invalid inode bitmap blk 0 in block_group 0
[  678.014553][T12325] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  678.028961][T22306] EXT4-fs error (device loop7) in ext4_free_inode:361: Corrupt filesystem
[  678.037879][T12325] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  678.197454][T22306] EXT4-fs (loop7): 1 orphan inode deleted
[  678.333518][T22306] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  678.502747][T22341] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5780'.
[  678.517284][T22343] loop4: detected capacity change from 0 to 128
[  678.534482][T22341] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5780'.
[  678.661527][T22296] EXT4-fs error (device loop7): ext4_search_dir:1474: inode #2: block 16: comm syz.7.5764: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  678.995952][T22306] EXT4-fs error (device loop7): ext4_search_dir:1474: inode #2: block 16: comm syz.7.5764: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  679.286235][T22369] loop6: detected capacity change from 0 to 128
[  680.261354][T22301] syz.7.5764 (22301) used greatest stack depth: 7304 bytes left
[  680.266307][T22386] loop6: detected capacity change from 0 to 1024
[  680.285598][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.296216][T22386] EXT4-fs: Ignoring removed orlov option
[  680.302279][T12332] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:14: lblock 1 mapped to illegal pblock 1 (length 1)
[  680.319956][T22386] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  680.343723][T12332] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:14: Failed to release dquot type 0
[  680.395943][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.609042][T22397] loop4: detected capacity change from 0 to 256
[  680.621370][T22399] loop6: detected capacity change from 0 to 1024
[  680.630833][T22399] EXT4-fs: Ignoring removed nobh option
[  680.636643][T22399] EXT4-fs: Ignoring removed bh option
[  680.681569][T22399] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  680.749743][T22399] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  680.769914][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.977596][T22409] loop6: detected capacity change from 0 to 512
[  681.000473][T22409] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  681.089671][T22414] loop0: detected capacity change from 0 to 1024
[  681.104909][T22414] EXT4-fs: Ignoring removed nobh option
[  681.110532][T22414] EXT4-fs: Ignoring removed bh option
[  681.158946][T22414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  681.181718][T22414] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  681.201873][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  681.257515][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  681.257534][   T29] audit: type=1326 audit(1760552862.476:19516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22419 comm="syz.6.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  681.301787][   T29] audit: type=1326 audit(1760552862.486:19517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22419 comm="syz.6.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  681.325696][   T29] audit: type=1326 audit(1760552862.486:19518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22419 comm="syz.6.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  681.349429][   T29] audit: type=1326 audit(1760552862.486:19519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22419 comm="syz.6.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d581aeec9 code=0x7ffc0000
[  681.475579][   T29] audit: type=1400 audit(1760552862.686:19520): avc:  denied  { read } for  pid=22428 comm="syz.0.5811" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  681.498791][   T29] audit: type=1400 audit(1760552862.686:19521): avc:  denied  { open } for  pid=22428 comm="syz.0.5811" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  681.534064][   T29] audit: type=1326 audit(1760552862.756:19522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22428 comm="syz.0.5811" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f57a182eec9 code=0x0
[  681.570874][T22434] loop7: detected capacity change from 0 to 1024
[  681.578417][T22434] EXT4-fs: Ignoring removed orlov option
[  681.736639][T22434] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  681.824201][   T29] audit: type=1326 audit(1760552863.036:19523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22439 comm="syz.1.5814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  681.848140][   T29] audit: type=1326 audit(1760552863.036:19524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22439 comm="syz.1.5814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  681.871853][   T29] audit: type=1326 audit(1760552863.036:19525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22439 comm="syz.1.5814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  681.968413][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.036391][T22446] loop1: detected capacity change from 0 to 128
[  682.048469][T22446] bio_check_eod: 688 callbacks suppressed
[  682.048489][T22446] syz.1.5817: attempt to access beyond end of device
[  682.048489][T22446] loop1: rw=2049, sector=154, nr_sectors = 6 limit=128
[  682.083205][T22446] syz.1.5817: attempt to access beyond end of device
[  682.083205][T22446] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128
[  682.096743][T22446] buffer_io_error: 164 callbacks suppressed
[  682.096826][T22446] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  682.111942][T22446] syz.1.5817: attempt to access beyond end of device
[  682.111942][T22446] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128
[  682.125490][T22446] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  682.288423][T22457] loop6: detected capacity change from 0 to 128
[  682.475582][T22474] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22474 comm=syz.6.5828
[  682.614241][T12325] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.696681][T12325] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.803462][T12325] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.873822][T12325] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.963691][T22446] syz.1.5817: attempt to access beyond end of device
[  682.963691][T22446] loop1: rw=2049, sector=154, nr_sectors = 2 limit=128
[  682.977172][T22446] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  682.994203][T22446] syz.1.5817: attempt to access beyond end of device
[  682.994203][T22446] loop1: rw=2049, sector=156, nr_sectors = 2 limit=128
[  683.007865][T22446] Buffer I/O error on dev loop1, logical block 78, lost async page write
[  683.016897][T22446] syz.1.5817: attempt to access beyond end of device
[  683.016897][T22446] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128
[  683.030445][T22446] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  683.040394][T22446] syz.1.5817: attempt to access beyond end of device
[  683.040394][T22446] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128
[  683.053916][T22446] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  683.062627][T22446] syz.1.5817: attempt to access beyond end of device
[  683.062627][T22446] loop1: rw=2049, sector=162, nr_sectors = 88 limit=128
[  683.079431][T22446] syz.1.5817: attempt to access beyond end of device
[  683.079431][T22446] loop1: rw=2049, sector=138, nr_sectors = 12 limit=128
[  683.119508][T12325] bridge_slave_1: left allmulticast mode
[  683.125315][T12325] bridge_slave_1: left promiscuous mode
[  683.131105][T12325] bridge0: port 2(bridge_slave_1) entered disabled state
[  683.144491][T12325] bridge_slave_0: left allmulticast mode
[  683.150199][T12325] bridge_slave_0: left promiscuous mode
[  683.156027][T12325] bridge0: port 1(bridge_slave_0) entered disabled state
[  683.276477][T22493] loop0: detected capacity change from 0 to 128
[  683.417408][T22498] loop0: detected capacity change from 0 to 256
[  683.464707][T12325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.478723][T12325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.514972][T12325] bond0 (unregistering): Released all slaves
[  683.546699][T12325] bond1 (unregistering): Released all slaves
[  683.578686][T12325] bond2 (unregistering): Released all slaves
[  683.638683][T12325] bond3 (unregistering): Released all slaves
[  683.713252][T12325] bond4 (unregistering): Released all slaves
[  683.778383][T12325] bond5 (unregistering): Released all slaves
[  683.824658][T12325] bond6 (unregistering): Released all slaves
[  683.869150][T12325] bond7 (unregistering): Released all slaves
[  683.878751][T12325] bond8 (unregistering): Released all slaves
[  683.887873][T12325] bond9 (unregistering): Released all slaves
[  683.897878][T12325] bond10 (unregistering): Released all slaves
[  683.965576][T12325] tipc: Left network mode
[  683.965771][T22459] chnl_net:caif_netlink_parms(): no params data found
[  684.002254][T12325] hsr_slave_0: left promiscuous mode
[  684.014456][T12325] hsr_slave_1: left promiscuous mode
[  684.020376][T12325] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.030410][T12325] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.037948][T12325] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.048646][T12325] veth1_macvtap: left promiscuous mode
[  684.054276][T12325] veth0_macvtap: left promiscuous mode
[  684.059990][T12325] veth1_vlan: left promiscuous mode
[  684.065509][T12325] veth0_vlan: left promiscuous mode
[  684.175316][T22522] loop1: detected capacity change from 0 to 1024
[  684.183532][T22522] EXT4-fs: Ignoring removed nobh option
[  684.189266][T22522] EXT4-fs: Ignoring removed bh option
[  684.215366][T22522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  684.248985][T12325] team0 (unregistering): Port device team_slave_1 removed
[  684.260919][T12325] team0 (unregistering): Port device team_slave_0 removed
[  684.299500][T22522] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  684.322783][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  684.490874][T22459] bridge0: port 1(bridge_slave_0) entered blocking state
[  684.498109][T22459] bridge0: port 1(bridge_slave_0) entered disabled state
[  684.520983][T22459] bridge_slave_0: entered allmulticast mode
[  684.527821][T22459] bridge_slave_0: entered promiscuous mode
[  684.534839][T22459] bridge0: port 2(bridge_slave_1) entered blocking state
[  684.541958][T22459] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.549235][T22459] bridge_slave_1: entered allmulticast mode
[  684.560537][T22459] bridge_slave_1: entered promiscuous mode
[  684.628348][T22459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  684.728049][T22459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  684.743928][T22560] loop0: detected capacity change from 0 to 128
[  684.905344][T22459] team0: Port device team_slave_0 added
[  684.918156][T22560] syz.0.5844: attempt to access beyond end of device
[  684.918156][T22560] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[  684.932384][T22459] team0: Port device team_slave_1 added
[  684.973541][T22564] loop1: detected capacity change from 0 to 512
[  684.997974][T22459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  685.005018][T22459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  685.031054][T22459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  685.046073][T22564] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  685.058047][ T3001] udevd[3001]: worker [13302] terminated by signal 33 (Unknown signal 33)
[  685.066938][ T3001] udevd[3001]: worker [13302] failed while handling '/devices/virtual/block/loop1'
[  685.078224][T22560] __nla_validate_parse: 1 callbacks suppressed
[  685.078238][T22560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5844'.
[  685.086238][T22459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  685.093337][T22560] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5844'.
[  685.109341][T22459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  685.135992][T22459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  685.192032][T22459] hsr_slave_0: entered promiscuous mode
[  685.198253][T22459] hsr_slave_1: entered promiscuous mode
[  685.205871][T22459] debugfs: 'hsr0' already exists in 'hsr'
[  685.211651][T22459] Cannot create hsr debugfs directory
[  685.292843][T22577] loop7: detected capacity change from 0 to 1024
[  685.323351][T22577] EXT4-fs: Ignoring removed orlov option
[  685.357412][T22577] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  685.404966][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.457486][T22587] loop7: detected capacity change from 0 to 128
[  685.469461][T22587] Buffer I/O error on dev loop7, logical block 79, lost async page write
[  685.481860][T22587] Buffer I/O error on dev loop7, logical block 80, lost async page write
[  685.491048][T22587] Buffer I/O error on dev loop7, logical block 83, lost async page write
[  685.502015][T22587] Buffer I/O error on dev loop7, logical block 84, lost async page write
[  685.670799][T22596] program syz.7.5854 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  685.745919][T22600] loop6: detected capacity change from 0 to 128
[  685.759632][T22459] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  685.781703][T22459] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  685.795323][T22459] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  685.805785][T22459] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  685.853022][T22459] 8021q: adding VLAN 0 to HW filter on device bond0
[  685.869136][T22459] 8021q: adding VLAN 0 to HW filter on device team0
[  685.878755][T12325] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.885875][T12325] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.897227][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.904324][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  685.912265][T22600] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5855'.
[  685.921304][T22600] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5855'.
[  685.960639][T22459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  686.006753][T22459] veth0_vlan: entered promiscuous mode
[  686.038779][T22459] veth1_vlan: entered promiscuous mode
[  686.078347][T22459] veth0_macvtap: entered promiscuous mode
[  686.092888][T22459] veth1_macvtap: entered promiscuous mode
[  686.106951][T22459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  686.121755][T22459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  686.135817][T12177] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  686.146965][T12177] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  686.152875][T22638] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22638 comm=syz.6.5861
[  686.157219][T12177] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  686.206067][T12177] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  686.287800][T22646] loop0: detected capacity change from 0 to 128
[  686.469488][ T3001] udevd[3001]: worker [12251] terminated by signal 33 (Unknown signal 33)
[  686.480697][T22646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5862'.
[  686.489674][T22646] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5862'.
[  686.489804][T22658] loop6: detected capacity change from 0 to 1024
[  686.512280][ T3001] udevd[3001]: worker [12251] failed while handling '/devices/virtual/block/loop0'
[  686.559607][T22658] EXT4-fs: Ignoring removed nobh option
[  686.565292][T22658] EXT4-fs: Ignoring removed bh option
[  686.577416][ T3001] udevd[3001]: worker [13301] terminated by signal 33 (Unknown signal 33)
[  686.591395][ T3001] udevd[3001]: worker [13301] failed while handling '/devices/virtual/block/loop0'
[  686.610444][ T3001] udevd[3001]: worker [13303] terminated by signal 33 (Unknown signal 33)
[  686.621649][ T3001] udevd[3001]: worker [13303] failed while handling '/devices/virtual/block/loop6'
[  686.631430][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  686.631447][   T29] audit: type=1326 audit(1760552867.846:19575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.642352][T22658] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  686.661568][   T29] audit: type=1326 audit(1760552867.846:19576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.698129][   T29] audit: type=1326 audit(1760552867.846:19577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.721725][   T29] audit: type=1326 audit(1760552867.846:19578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.745402][   T29] audit: type=1326 audit(1760552867.846:19579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.769023][   T29] audit: type=1326 audit(1760552867.846:19580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.792811][   T29] audit: type=1326 audit(1760552867.846:19581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.816583][   T29] audit: type=1326 audit(1760552867.846:19582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.840246][   T29] audit: type=1326 audit(1760552867.846:19583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.863924][   T29] audit: type=1326 audit(1760552867.846:19584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22660 comm="syz.1.5869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b32ceec9 code=0x7ffc0000
[  686.895843][T22658] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  686.918746][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  686.957578][T22672] loop6: detected capacity change from 0 to 1024
[  686.966742][T22672] EXT4-fs: Ignoring removed orlov option
[  686.982417][T22672] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  687.000715][T22668] loop1: detected capacity change from 0 to 512
[  687.007741][T22668] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  687.055427][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.146431][T22685] loop1: detected capacity change from 0 to 1024
[  687.153939][T22685] EXT4-fs: Ignoring removed orlov option
[  687.170977][T22685] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  687.234963][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.256338][T22693] loop1: detected capacity change from 0 to 128
[  687.274245][T22695] loop4: detected capacity change from 0 to 128
[  687.299690][T22695] bio_check_eod: 393 callbacks suppressed
[  687.299705][T22695] syz.4.5881: attempt to access beyond end of device
[  687.299705][T22695] loop4: rw=2049, sector=154, nr_sectors = 6 limit=128
[  687.321749][T22695] syz.4.5881: attempt to access beyond end of device
[  687.321749][T22695] loop4: rw=2049, sector=158, nr_sectors = 2 limit=128
[  687.335278][T22695] buffer_io_error: 25 callbacks suppressed
[  687.335296][T22695] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  687.349950][T22695] syz.4.5881: attempt to access beyond end of device
[  687.349950][T22695] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128
[  687.363521][T22695] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  687.373015][T22695] syz.4.5881: attempt to access beyond end of device
[  687.373015][T22695] loop4: rw=2049, sector=162, nr_sectors = 6 limit=128
[  687.394128][T22698] loop6: detected capacity change from 0 to 128
[  687.396887][T22693] syz.1.5880: attempt to access beyond end of device
[  687.396887][T22693] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  687.419121][ T3001] udevd[3001]: worker [16999] terminated by signal 33 (Unknown signal 33)
[  687.424756][T22693] syz.1.5880: attempt to access beyond end of device
[  687.424756][T22693] loop1: rw=2049, sector=169, nr_sectors = 24 limit=128
[  687.428242][ T3001] udevd[3001]: worker [16999] failed while handling '/devices/virtual/block/loop6'
[  687.450653][T22693] syz.1.5880: attempt to access beyond end of device
[  687.450653][T22693] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[  687.453648][T22698] syz.6.5882: attempt to access beyond end of device
[  687.453648][T22698] loop6: rw=2049, sector=154, nr_sectors = 6 limit=128
[  687.474458][T22693] syz.1.5880: attempt to access beyond end of device
[  687.474458][T22693] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[  687.480087][T22698] syz.6.5882: attempt to access beyond end of device
[  687.480087][T22698] loop6: rw=2049, sector=158, nr_sectors = 2 limit=128
[  687.504482][T22698] Buffer I/O error on dev loop6, logical block 79, lost async page write
[  687.511950][T22699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5880'.
[  687.514877][T22698] Buffer I/O error on dev loop6, logical block 80, lost async page write
[  687.521811][T22699] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5880'.
[  687.531186][T22698] Buffer I/O error on dev loop6, logical block 83, lost async page write
[  687.547754][T22698] Buffer I/O error on dev loop6, logical block 84, lost async page write
[  687.562657][T22698] Buffer I/O error on dev loop6, logical block 95, lost async page write
[  687.571357][T22698] Buffer I/O error on dev loop6, logical block 96, lost async page write
[  687.580989][T22698] Buffer I/O error on dev loop6, logical block 99, lost async page write
[  687.589790][T22698] Buffer I/O error on dev loop6, logical block 100, lost async page write
[  687.665421][T22711] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22711 comm=syz.1.5886
[  687.717086][T22715] loop1: detected capacity change from 0 to 128
[  687.810511][T22715] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5888'.
[  687.819498][T22715] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5888'.
[  687.883639][T22717] loop1: detected capacity change from 0 to 128
[  687.962528][T22724] loop0: detected capacity change from 0 to 1024
[  687.969181][T22724] EXT4-fs: Ignoring removed bh option
[  687.974669][T22724] EXT4-fs: Ignoring removed bh option
[  687.980074][T22724] EXT4-fs: Ignoring removed i_version option
[  687.986219][T22724] EXT4-fs: inline encryption not supported
[  687.992532][T22724] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  688.007664][T22724] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  688.015900][T22724] System zones: 0-1, 3-12
[  688.021180][T22724] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #3: block 1: comm syz.0.5891: lblock 1 mapped to illegal pblock 1 (length 1)
[  688.035430][T22724] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.5891: Failed to acquire dquot type 0
[  688.047237][T22724] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.5891: Freeing blocks not in datazone - block = 0, count = 4096
[  688.061381][T22724] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.5891: Invalid inode bitmap blk 0 in block_group 0
[  688.074391][T22724] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  688.083194][T12169] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  688.090573][T22724] EXT4-fs (loop0): 1 orphan inode deleted
[  688.102058][T22727] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22727 comm=syz.1.5892
[  688.104955][T22724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.140568][T12169] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0
[  688.162101][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.198903][T22732] loop1: detected capacity change from 0 to 1024
[  688.206522][T22732] EXT4-fs: Ignoring removed nobh option
[  688.212191][T22732] EXT4-fs: Ignoring removed bh option
[  688.234377][T22734] loop0: detected capacity change from 0 to 1024
[  688.241367][T22734] EXT4-fs: Ignoring removed orlov option
[  688.251693][T22732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.252277][T22734] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.307120][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.321236][T22732] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  688.356523][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.362288][T22745] loop0: detected capacity change from 0 to 128
[  688.383326][T22747] loop6: detected capacity change from 0 to 1024
[  688.401776][T22747] EXT4-fs: Ignoring removed nobh option
[  688.407457][T22747] EXT4-fs: Ignoring removed bh option
[  688.462330][T22747] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.506012][T11997] printk: udevd: 4 output lines suppressed due to ratelimiting
[  688.520226][T22747] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  688.542562][T20529] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.633256][T22776] loop6: detected capacity change from 0 to 128
[  688.671805][T22778] loop1: detected capacity change from 0 to 1024
[  688.686964][T22778] EXT4-fs: Ignoring removed nobh option
[  688.692640][T22778] EXT4-fs: Ignoring removed bh option
[  688.719787][T22787] program syz.4.5914 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  688.731072][T22778] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  688.757305][T22778] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  688.776482][T13903] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.821259][T22798] loop0: detected capacity change from 0 to 256
[  688.825375][T22800] program syz.1.5920 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  688.972691][T22814] loop4: detected capacity change from 0 to 128
[  689.015599][T22820] loop0: detected capacity change from 0 to 512
[  689.024266][T22820] vfat: Bad value for 'uni_xlate'
[  689.029613][T22822] loop1: detected capacity change from 0 to 128
[  689.061685][T22820] vhci_hcd: invalid port number 96
[  689.066847][T22820] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  689.074530][T22820] sd 0:0:1:0: device reset
[  689.160261][T22828] program syz.1.5933 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  689.187894][T22832] loop7: detected capacity change from 0 to 1024
[  689.194949][T22832] EXT4-fs: Ignoring removed nobh option
[  689.200577][T22832] EXT4-fs: Ignoring removed bh option
[  689.223618][T22832] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  689.246921][T22832] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  689.316240][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  689.415539][T22846] loop7: detected capacity change from 0 to 1024
[  689.423128][T22846] EXT4-fs: Ignoring removed orlov option
[  689.431180][T22846] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  689.457358][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  689.556704][  T314] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.580038][T22843] chnl_net:caif_netlink_parms(): no params data found
[  689.644989][  T314] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.646145][T22868] loop6: detected capacity change from 0 to 128
[  689.661783][T22843] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.668906][T22843] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.676613][T22843] bridge_slave_0: entered allmulticast mode
[  689.683620][T22843] bridge_slave_0: entered promiscuous mode
[  689.691551][T22843] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.698640][T22843] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.708497][T22843] bridge_slave_1: entered allmulticast mode
[  689.715429][T22843] bridge_slave_1: entered promiscuous mode
[  689.732915][  T314] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.753999][T22843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  689.765146][T22843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  689.785064][  T314] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.809603][T22843] team0: Port device team_slave_0 added
[  689.816889][T22843] team0: Port device team_slave_1 added
[  689.836521][T22843] batman_adv: batadv0: Adding interface: batadv_slave_0
[  689.843534][T22843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  689.869552][T22843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  689.880981][T22843] batman_adv: batadv0: Adding interface: batadv_slave_1
[  689.888033][T22843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  689.914051][T22843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  689.983263][T22874] loop4: detected capacity change from 0 to 256
[  690.054440][  T314] bond0 (unregistering): Released all slaves
[  690.063887][  T314] bond1 (unregistering): Released all slaves
[  690.073247][  T314] bond2 (unregistering): Released all slaves
[  690.082410][  T314] bond3 (unregistering): Released all slaves
[  690.094214][  T314] bond4 (unregistering): Released all slaves
[  690.104407][  T314] bond5 (unregistering): Released all slaves
[  690.118133][  T314] bond6 (unregistering): Released all slaves
[  690.135962][T22843] hsr_slave_0: entered promiscuous mode
[  690.142397][T22843] hsr_slave_1: entered promiscuous mode
[  690.149421][T22843] debugfs: 'hsr0' already exists in 'hsr'
[  690.155255][T22843] Cannot create hsr debugfs directory
[  690.163510][T22889] program syz.6.5953 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  690.195864][T22891] loop4: detected capacity change from 0 to 512
[  690.204958][T22891] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  690.222586][T22894] loop0: detected capacity change from 0 to 512
[  690.231973][  T314] tipc: Left network mode
[  690.238461][T22894] vfat: Bad value for 'uni_xlate'
[  690.246088][  T314] hsr_slave_0: left promiscuous mode
[  690.253173][  T314] hsr_slave_1: left promiscuous mode
[  690.263339][  T314] veth1_macvtap: left promiscuous mode
[  690.269241][  T314] veth0_macvtap: left promiscuous mode
[  690.276349][  T314] veth1_vlan: left promiscuous mode
[  690.282120][  T314] veth0_vlan: left promiscuous mode
[  690.301890][T22894] vhci_hcd: invalid port number 96
[  690.307027][T22894] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  690.318120][T22894] sd 0:0:1:0: device reset
[  690.533229][T22907] loop4: detected capacity change from 0 to 512
[  690.540058][T22907] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  690.656717][T22911] loop4: detected capacity change from 0 to 128
[  690.776528][T22843] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  690.785451][T22843] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  690.794940][T22843] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  690.804640][T22843] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  690.853039][T22843] 8021q: adding VLAN 0 to HW filter on device bond0
[  690.866264][T22843] 8021q: adding VLAN 0 to HW filter on device team0
[  690.876570][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[  690.883702][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  690.895630][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.902762][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  690.930764][T22843] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  690.941447][T22843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  691.014640][T22843] 8021q: adding VLAN 0 to HW filter on device batadv0
[  691.087690][T22843] veth0_vlan: entered promiscuous mode
[  691.097706][T22843] veth1_vlan: entered promiscuous mode
[  691.309151][T22843] veth0_macvtap: entered promiscuous mode
[  691.369681][T22843] veth1_macvtap: entered promiscuous mode
[  691.437409][T22843] batman_adv: batadv0: Interface activated: batadv_slave_0
[  691.449494][T22951] program syz.7.5970 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  691.484633][T22843] batman_adv: batadv0: Interface activated: batadv_slave_1
[  691.528966][  T314] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  691.548234][  T314] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  691.574334][  T314] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  691.593127][ T4228] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  691.615480][T22961] loop0: detected capacity change from 0 to 1024
[  691.622433][T22961] EXT4-fs: Ignoring removed nobh option
[  691.628040][T22961] EXT4-fs: Ignoring removed bh option
[  691.646737][T22964] loop1: detected capacity change from 0 to 256
[  691.662868][T22961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  691.667901][T22968] loop7: detected capacity change from 0 to 1024
[  691.682142][T22968] EXT4-fs: Ignoring removed orlov option
[  691.690395][T22968] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  691.691559][   T29] kauditd_printk_skb: 147 callbacks suppressed
[  691.691606][   T29] audit: type=1326 audit(1760552872.906:19729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.732850][   T29] audit: type=1326 audit(1760552872.906:19730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.735951][T22961] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  691.756547][   T29] audit: type=1326 audit(1760552872.906:19731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.788228][   T29] audit: type=1326 audit(1760552872.906:19732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.836490][   T29] audit: type=1326 audit(1760552873.026:19733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.860227][   T29] audit: type=1326 audit(1760552873.026:19734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22959 comm="syz.0.5974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  691.891789][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.901784][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.924713][T22974] loop1: detected capacity change from 0 to 512
[  691.933492][T22974] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  691.967185][T22983] loop7: detected capacity change from 0 to 512
[  691.976356][T22983] vfat: Bad value for 'uni_xlate'
[  691.977867][   T29] audit: type=1326 audit(1760552873.186:19735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22984 comm="syz.0.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  692.005260][   T29] audit: type=1326 audit(1760552873.186:19736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22984 comm="syz.0.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  692.029198][   T29] audit: type=1326 audit(1760552873.186:19737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22984 comm="syz.0.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  692.052725][   T29] audit: type=1326 audit(1760552873.186:19738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22984 comm="syz.0.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  692.061719][T22983] vhci_hcd: invalid port number 96
[  692.081525][T22983] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  692.091071][T22983] sd 0:0:1:0: device reset
[  692.117561][T22989] program syz.7.5984 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  692.266509][T22999] loop7: detected capacity change from 0 to 256
[  692.496400][T23003] FAULT_INJECTION: forcing a failure.
[  692.496400][T23003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  692.509562][T23003] CPU: 1 UID: 0 PID: 23003 Comm: syz.7.5990 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  692.509589][T23003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  692.509605][T23003] Call Trace:
[  692.509681][T23003]  <TASK>
[  692.509689][T23003]  __dump_stack+0x1d/0x30
[  692.509708][T23003]  dump_stack_lvl+0xe8/0x140
[  692.509726][T23003]  dump_stack+0x15/0x1b
[  692.509742][T23003]  should_fail_ex+0x265/0x280
[  692.509820][T23003]  should_fail+0xb/0x20
[  692.509905][T23003]  should_fail_usercopy+0x1a/0x20
[  692.509924][T23003]  _copy_from_user+0x1c/0xb0
[  692.509947][T23003]  ___sys_sendmsg+0xc1/0x1d0
[  692.509999][T23003]  __x64_sys_sendmsg+0xd4/0x160
[  692.510041][T23003]  x64_sys_call+0x191e/0x3000
[  692.510061][T23003]  do_syscall_64+0xd2/0x200
[  692.510084][T23003]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  692.510160][T23003]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  692.510181][T23003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  692.510201][T23003] RIP: 0033:0x7fb8ba00eec9
[  692.510220][T23003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  692.510264][T23003] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  692.510282][T23003] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  692.510294][T23003] RDX: 0000000000000106 RSI: 0000200000000140 RDI: 0000000000000003
[  692.510305][T23003] RBP: 00007fb8b8a6f090 R08: 0000000000000000 R09: 0000000000000000
[  692.510378][T23003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  692.510389][T23003] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  692.510406][T23003]  </TASK>
[  692.731224][T23009] loop7: detected capacity change from 0 to 1024
[  692.731727][T23011] loop4: detected capacity change from 0 to 128
[  692.738107][T23009] EXT4-fs: Ignoring removed orlov option
[  692.752891][T23009] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  692.753089][T23011] bio_check_eod: 732 callbacks suppressed
[  692.753107][T23011] syz.4.5994: attempt to access beyond end of device
[  692.753107][T23011] loop4: rw=2049, sector=154, nr_sectors = 6 limit=128
[  692.785217][T20548] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  692.785268][T23011] syz.4.5994: attempt to access beyond end of device
[  692.785268][T23011] loop4: rw=2049, sector=158, nr_sectors = 2 limit=128
[  692.785292][T23011] buffer_io_error: 141 callbacks suppressed
[  692.785301][T23011] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  692.785320][T23011] syz.4.5994: attempt to access beyond end of device
[  692.785320][T23011] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128
[  692.831025][T23014] loop7: detected capacity change from 0 to 512
[  692.835511][T23011] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  692.836571][T23011] syz.4.5994: attempt to access beyond end of device
[  692.836571][T23011] loop4: rw=2049, sector=162, nr_sectors = 6 limit=128
[  692.851933][T23014] vfat: Bad value for 'uni_xlate'
[  692.911628][T23014] vhci_hcd: invalid port number 96
[  692.916798][T23014] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  692.924676][T23014] sd 0:0:1:0: device reset
[  692.964870][T23019] loop7: detected capacity change from 0 to 1024
[  692.971638][T23019] EXT4-fs: Ignoring removed nobh option
[  692.977216][T23019] EXT4-fs: Ignoring removed bh option
[  693.006622][T23019] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  693.025769][T23023] program syz.0.5998 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  693.076853][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.076853][T12325] loop4: rw=1, sector=154, nr_sectors = 2 limit=128
[  693.090357][T12325] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  693.099092][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.099092][T12325] loop4: rw=1, sector=156, nr_sectors = 2 limit=128
[  693.112516][T12325] Buffer I/O error on dev loop4, logical block 78, lost async page write
[  693.121033][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.121033][T12325] loop4: rw=1, sector=158, nr_sectors = 2 limit=128
[  693.134553][T12325] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  693.145733][T23028] loop7: detected capacity change from 0 to 1024
[  693.152902][T23028] EXT4-fs: Ignoring removed nobh option
[  693.153004][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.153004][T12325] loop4: rw=1, sector=160, nr_sectors = 2 limit=128
[  693.158498][T23028] EXT4-fs: Ignoring removed bh option
[  693.171928][T12325] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  693.172715][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.172715][T12325] loop4: rw=1, sector=166, nr_sectors = 2 limit=128
[  693.199335][T12325] Buffer I/O error on dev loop4, logical block 83, lost async page write
[  693.208176][T12325] kworker/u8:13: attempt to access beyond end of device
[  693.208176][T12325] loop4: rw=1, sector=168, nr_sectors = 2 limit=128
[  693.221725][T12325] Buffer I/O error on dev loop4, logical block 84, lost async page write
[  693.236505][T23028] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  693.264218][T23033] loop0: detected capacity change from 0 to 128
[  693.372606][T23033] __nla_validate_parse: 6 callbacks suppressed
[  693.372653][T23033] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6002'.
[  693.387962][T23033] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6002'.
[  693.405532][T23042] loop6: detected capacity change from 0 to 1024
[  693.412361][T23042] EXT4-fs: Ignoring removed orlov option
[  693.420472][T23044] FAULT_INJECTION: forcing a failure.
[  693.420472][T23044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  693.433620][T23044] CPU: 0 UID: 0 PID: 23044 Comm: syz.7.6006 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  693.433670][T23044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  693.433687][T23044] Call Trace:
[  693.433695][T23044]  <TASK>
[  693.433704][T23044]  __dump_stack+0x1d/0x30
[  693.433725][T23044]  dump_stack_lvl+0xe8/0x140
[  693.433744][T23044]  dump_stack+0x15/0x1b
[  693.433760][T23044]  should_fail_ex+0x265/0x280
[  693.433827][T23044]  should_fail+0xb/0x20
[  693.433870][T23044]  should_fail_usercopy+0x1a/0x20
[  693.433900][T23044]  _copy_from_user+0x1c/0xb0
[  693.433994][T23044]  ___sys_sendmsg+0xc1/0x1d0
[  693.434101][T23044]  __x64_sys_sendmsg+0xd4/0x160
[  693.434139][T23044]  x64_sys_call+0x191e/0x3000
[  693.434173][T23044]  do_syscall_64+0xd2/0x200
[  693.434200][T23044]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  693.434271][T23044]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  693.434302][T23044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.434345][T23044] RIP: 0033:0x7fb8ba00eec9
[  693.434360][T23044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  693.434380][T23044] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  693.434400][T23044] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  693.434414][T23044] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  693.434480][T23044] RBP: 00007fb8b8a6f090 R08: 0000000000000000 R09: 0000000000000000
[  693.434495][T23044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  693.434508][T23044] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  693.434528][T23044]  </TASK>
[  693.667312][T23051] loop7: detected capacity change from 0 to 1024
[  693.674484][T23051] EXT4-fs: Ignoring removed nobh option
[  693.680098][T23051] EXT4-fs: Ignoring removed bh option
[  693.696495][T23053] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6010'.
[  693.723573][T23051] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  693.750654][T23059] program syz.0.6012 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  693.908218][T23078] loop6: detected capacity change from 0 to 1024
[  693.916959][T23078] EXT4-fs: Ignoring removed bh option
[  693.922535][T23078] EXT4-fs: Ignoring removed bh option
[  693.927967][T23078] EXT4-fs: Ignoring removed i_version option
[  693.934036][T23078] EXT4-fs: inline encryption not supported
[  693.940619][T23078] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  693.954274][T23078] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  693.963257][T23078] System zones: 0-1, 3-12
[  693.969628][T23078] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #3: block 1: comm syz.6.6018: lblock 1 mapped to illegal pblock 1 (length 1)
[  693.991265][T23078] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.6018: Failed to acquire dquot type 0
[  694.003654][T23078] EXT4-fs error (device loop6): ext4_free_blocks:6706: comm syz.6.6018: Freeing blocks not in datazone - block = 0, count = 4096
[  694.018169][T23078] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.6018: Invalid inode bitmap blk 0 in block_group 0
[  694.032498][T23078] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  694.042305][T23078] EXT4-fs (loop6): 1 orphan inode deleted
[  694.470607][   T52] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  694.484931][T23083] loop4: detected capacity change from 0 to 256
[  694.495428][   T52] EXT4-fs error (device loop6): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0
[  694.510015][T23086] loop1: detected capacity change from 0 to 128
[  694.519696][T23086] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  694.528316][T23086] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  694.569075][T23093] FAULT_INJECTION: forcing a failure.
[  694.569075][T23093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  694.582205][T23093] CPU: 1 UID: 0 PID: 23093 Comm: syz.0.6024 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  694.582239][T23093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  694.582255][T23093] Call Trace:
[  694.582262][T23093]  <TASK>
[  694.582271][T23093]  __dump_stack+0x1d/0x30
[  694.582297][T23093]  dump_stack_lvl+0xe8/0x140
[  694.582355][T23093]  dump_stack+0x15/0x1b
[  694.582369][T23093]  should_fail_ex+0x265/0x280
[  694.582400][T23093]  should_fail+0xb/0x20
[  694.582438][T23093]  should_fail_usercopy+0x1a/0x20
[  694.582457][T23093]  _copy_from_user+0x1c/0xb0
[  694.582480][T23093]  ___sys_sendmsg+0xc1/0x1d0
[  694.582638][T23093]  __x64_sys_sendmsg+0xd4/0x160
[  694.582735][T23093]  x64_sys_call+0x191e/0x3000
[  694.582773][T23093]  do_syscall_64+0xd2/0x200
[  694.582869][T23093]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  694.582911][T23093]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  694.582932][T23093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  694.582952][T23093] RIP: 0033:0x7f57a182eec9
[  694.582966][T23093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  694.583051][T23093] RSP: 002b:00007f57a028f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  694.583137][T23093] RAX: ffffffffffffffda RBX: 00007f57a1a85fa0 RCX: 00007f57a182eec9
[  694.583148][T23093] RDX: 0000000020000000 RSI: 0000200000000040 RDI: 0000000000000003
[  694.583160][T23093] RBP: 00007f57a028f090 R08: 0000000000000000 R09: 0000000000000000
[  694.583220][T23093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  694.583239][T23093] R13: 00007f57a1a86038 R14: 00007f57a1a85fa0 R15: 00007ffcc66ca858
[  694.583257][T23093]  </TASK>
[  694.853170][T23106] loop4: detected capacity change from 0 to 512
[  694.860020][T23106] vfat: Bad value for 'uni_xlate'
[  694.892269][T23106] vhci_hcd: invalid port number 96
[  694.897450][T23106] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  694.909408][T23111] loop7: detected capacity change from 0 to 1024
[  694.916066][T23113] loop0: detected capacity change from 0 to 1024
[  694.922824][T23106] sd 0:0:1:0: device reset
[  694.933167][T23111] EXT4-fs: Ignoring removed nobh option
[  694.938939][T23111] EXT4-fs: Ignoring removed bh option
[  694.940725][T23113] EXT4-fs: Ignoring removed nobh option
[  694.949951][T23113] EXT4-fs: Ignoring removed bh option
[  695.000931][T23111] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  695.017371][T23113] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  695.238611][T23117] loop4: detected capacity change from 0 to 1024
[  695.253728][T23117] EXT4-fs: Ignoring removed bh option
[  695.259241][T23117] EXT4-fs: Ignoring removed bh option
[  695.265104][T23117] EXT4-fs: Ignoring removed i_version option
[  695.271188][T23117] EXT4-fs: inline encryption not supported
[  695.283693][T23122] loop0: detected capacity change from 0 to 1024
[  695.290487][T23122] EXT4-fs: Ignoring removed bh option
[  695.296008][T23122] EXT4-fs: Ignoring removed bh option
[  695.301449][T23122] EXT4-fs: Ignoring removed i_version option
[  695.307516][T23122] EXT4-fs: inline encryption not supported
[  695.313938][T23117] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  695.328309][T23122] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  695.354107][T23117] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  695.357303][T23129] program syz.7.6036 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  695.381673][T23117] System zones: 
[  695.381667][T23122] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  695.385270][T23117] 0-1, 3-12
[  695.395653][T23122] System zones: 0-1, 3-12
[  695.402508][T23122] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #3: block 1: comm syz.0.6034: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.417711][T23117] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 1: comm syz.4.6033: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.458148][    C1] sd 0:0:1:0: [sda] tag#9037 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  695.468585][    C1] sd 0:0:1:0: [sda] tag#9037 CDB: Write(6) 0a 00 00 00 00 00
[  695.479881][T23122] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.6034: Failed to acquire dquot type 0
[  695.510531][T23122] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.6034: Freeing blocks not in datazone - block = 0, count = 4096
[  695.529194][T23122] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.6034: Invalid inode bitmap blk 0 in block_group 0
[  695.532638][T23136] loop1: detected capacity change from 0 to 256
[  695.550025][T23122] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  695.560077][T12169] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.585772][T23137] loop6: detected capacity change from 0 to 1024
[  695.591147][T23117] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.6033: Failed to acquire dquot type 0
[  695.592452][T23122] EXT4-fs (loop0): 1 orphan inode deleted
[  695.610687][T12169] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0
[  695.631495][T23137] EXT4-fs: Ignoring removed bh option
[  695.637019][T23137] EXT4-fs: Ignoring removed bh option
[  695.642515][T23137] EXT4-fs: Ignoring removed i_version option
[  695.648523][T23137] EXT4-fs: inline encryption not supported
[  695.664597][T23117] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.6033: Freeing blocks not in datazone - block = 0, count = 4096
[  695.680990][T23137] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  695.682493][T23117] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.6033: Invalid inode bitmap blk 0 in block_group 0
[  695.691905][T12169] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.719767][T12169] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0
[  695.741209][T23137] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  695.741647][T23117] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  695.749641][T23137] System zones: 0-1, 3-12
[  695.775703][T23117] EXT4-fs (loop4): 1 orphan inode deleted
[  695.776223][T23137] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #3: block 1: comm syz.6.6037: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.814718][T23137] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.6037: Failed to acquire dquot type 0
[  695.858007][T23137] EXT4-fs error (device loop6): ext4_free_blocks:6706: comm syz.6.6037: Freeing blocks not in datazone - block = 0, count = 4096
[  695.885585][T23137] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.6037: Invalid inode bitmap blk 0 in block_group 0
[  695.910673][T12169] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  695.933717][T23137] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  695.949072][T12169] EXT4-fs error (device loop6): ext4_release_dquot:6981: comm kworker/u8:9: Failed to release dquot type 0
[  695.957929][T23151] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6043'.
[  695.960840][T23137] EXT4-fs (loop6): 1 orphan inode deleted
[  695.969525][T23151] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6043'.
[  695.987913][T23151] ip6gretap0: entered promiscuous mode
[  696.000337][T23151] ip6gretap0: left promiscuous mode
[  696.245594][T23163] loop1: detected capacity change from 0 to 1024
[  696.266704][T23163] EXT4-fs: Ignoring removed bh option
[  696.272208][T23163] EXT4-fs: Ignoring removed bh option
[  696.277634][T23163] EXT4-fs: Ignoring removed i_version option
[  696.283684][T23163] EXT4-fs: inline encryption not supported
[  696.295766][T23163] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  696.308497][T23163] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[  696.317443][T23163] System zones: 0-1, 3-12
[  696.323286][T23163] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.6048: lblock 1 mapped to illegal pblock 1 (length 1)
[  696.337574][T23163] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.6048: Failed to acquire dquot type 0
[  696.350346][T23163] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.6048: Freeing blocks not in datazone - block = 0, count = 4096
[  696.371909][T23163] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.6048: Invalid inode bitmap blk 0 in block_group 0
[  696.391400][T12177] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1)
[  696.410349][T23163] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  696.437429][T12177] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:11: Failed to release dquot type 0
[  696.459491][T23163] EXT4-fs (loop1): 1 orphan inode deleted
[  696.467479][T23173] loop7: detected capacity change from 0 to 1024
[  696.474802][T23173] EXT4-fs: Ignoring removed orlov option
[  696.539411][T23177] loop7: detected capacity change from 0 to 128
[  696.722833][T23189] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6057'.
[  696.843766][T23177] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6052'.
[  696.852722][T23177] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6052'.
[  696.875573][T23197] loop1: detected capacity change from 0 to 128
[  696.896419][T23199] loop4: detected capacity change from 0 to 128
[  696.934114][T12177] af_packet: tpacket_rcv: packet too big, clamped from 76 to 4294967272. macoff=96
[  697.024655][T23204] loop7: detected capacity change from 0 to 1024
[  697.071912][T23204] EXT4-fs: Ignoring removed orlov option
[  697.098446][T23199] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6061'.
[  697.107473][T23199] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6061'.
[  697.132680][T23214] FAULT_INJECTION: forcing a failure.
[  697.132680][T23214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  697.145833][T23214] CPU: 0 UID: 0 PID: 23214 Comm: syz.0.6065 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  697.145867][T23214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  697.145953][T23214] Call Trace:
[  697.145961][T23214]  <TASK>
[  697.145969][T23214]  __dump_stack+0x1d/0x30
[  697.145991][T23214]  dump_stack_lvl+0xe8/0x140
[  697.146017][T23214]  dump_stack+0x15/0x1b
[  697.146040][T23214]  should_fail_ex+0x265/0x280
[  697.146161][T23214]  should_fail+0xb/0x20
[  697.146199][T23214]  should_fail_usercopy+0x1a/0x20
[  697.146257][T23214]  _copy_to_user+0x20/0xa0
[  697.146287][T23214]  simple_read_from_buffer+0xb5/0x130
[  697.146350][T23214]  proc_fail_nth_read+0x10e/0x150
[  697.146452][T23214]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  697.146542][T23214]  vfs_read+0x1a8/0x770
[  697.146567][T23214]  ? __rcu_read_unlock+0x4f/0x70
[  697.146635][T23214]  ? __fget_files+0x184/0x1c0
[  697.146667][T23214]  ksys_read+0xda/0x1a0
[  697.146694][T23214]  __x64_sys_read+0x40/0x50
[  697.146719][T23214]  x64_sys_call+0x27c0/0x3000
[  697.146744][T23214]  do_syscall_64+0xd2/0x200
[  697.146835][T23214]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  697.146868][T23214]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  697.146893][T23214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.147006][T23214] RIP: 0033:0x7f57a182d8dc
[  697.147024][T23214] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  697.147076][T23214] RSP: 002b:00007f57a028f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  697.147098][T23214] RAX: ffffffffffffffda RBX: 00007f57a1a85fa0 RCX: 00007f57a182d8dc
[  697.147112][T23214] RDX: 000000000000000f RSI: 00007f57a028f0a0 RDI: 0000000000000006
[  697.147126][T23214] RBP: 00007f57a028f090 R08: 0000000000000000 R09: 0000000000000000
[  697.147140][T23214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  697.147154][T23214] R13: 00007f57a1a86038 R14: 00007f57a1a85fa0 R15: 00007ffcc66ca858
[  697.147243][T23214]  </TASK>
[  697.754277][T23232] loop1: detected capacity change from 0 to 128
[  697.768493][T23232] bio_check_eod: 319 callbacks suppressed
[  697.768508][T23232] syz.1.6072: attempt to access beyond end of device
[  697.768508][T23232] loop1: rw=2049, sector=154, nr_sectors = 6 limit=128
[  697.817288][T23232] syz.1.6072: attempt to access beyond end of device
[  697.817288][T23232] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128
[  697.830794][T23232] buffer_io_error: 31 callbacks suppressed
[  697.830849][T23232] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  697.879545][T23232] syz.1.6072: attempt to access beyond end of device
[  697.879545][T23232] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128
[  697.897014][T23232] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  697.936840][T23232] syz.1.6072: attempt to access beyond end of device
[  697.936840][T23232] loop1: rw=2049, sector=154, nr_sectors = 2 limit=128
[  697.950317][T23232] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  697.978847][T23232] syz.1.6072: attempt to access beyond end of device
[  697.978847][T23232] loop1: rw=2049, sector=156, nr_sectors = 2 limit=128
[  697.992369][T23232] Buffer I/O error on dev loop1, logical block 78, lost async page write
[  698.031152][T23232] syz.1.6072: attempt to access beyond end of device
[  698.031152][T23232] loop1: rw=2049, sector=158, nr_sectors = 2 limit=128
[  698.044597][T23232] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  698.071127][T23232] syz.1.6072: attempt to access beyond end of device
[  698.071127][T23232] loop1: rw=2049, sector=160, nr_sectors = 2 limit=128
[  698.084560][T23232] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  698.245990][T23237] program syz.4.6073 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  698.307053][   T52] kworker/u8:3: attempt to access beyond end of device
[  698.307053][   T52] loop1: rw=1, sector=154, nr_sectors = 2 limit=128
[  698.320507][   T52] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  698.333161][   T52] kworker/u8:3: attempt to access beyond end of device
[  698.333161][   T52] loop1: rw=1, sector=156, nr_sectors = 2 limit=128
[  698.346719][   T52] Buffer I/O error on dev loop1, logical block 78, lost async page write
[  698.422996][T23240] syzkaller0: entered promiscuous mode
[  698.428589][T23240] syzkaller0: entered allmulticast mode
[  698.444346][   T52] kworker/u8:3: attempt to access beyond end of device
[  698.444346][   T52] loop1: rw=1, sector=158, nr_sectors = 2 limit=128
[  698.457909][   T52] Buffer I/O error on dev loop1, logical block 79, lost async page write
[  698.473373][T23240] FAULT_INJECTION: forcing a failure.
[  698.473373][T23240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  698.486471][T23240] CPU: 0 UID: 0 PID: 23240 Comm: syz.0.6074 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  698.486591][T23240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  698.486608][T23240] Call Trace:
[  698.486617][T23240]  <TASK>
[  698.486704][T23240]  __dump_stack+0x1d/0x30
[  698.486726][T23240]  dump_stack_lvl+0xe8/0x140
[  698.486767][T23240]  dump_stack+0x15/0x1b
[  698.486783][T23240]  should_fail_ex+0x265/0x280
[  698.486853][T23240]  should_fail+0xb/0x20
[  698.487005][T23240]  should_fail_usercopy+0x1a/0x20
[  698.487044][T23240]  _copy_from_user+0x1c/0xb0
[  698.487077][T23240]  __sys_sendto+0x19e/0x330
[  698.487272][T23240]  __x64_sys_sendto+0x76/0x90
[  698.487304][T23240]  x64_sys_call+0x2d14/0x3000
[  698.487328][T23240]  do_syscall_64+0xd2/0x200
[  698.487351][T23240]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  698.487391][T23240]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  698.487499][T23240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  698.487521][T23240] RIP: 0033:0x7f57a182eec9
[  698.487535][T23240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  698.487553][T23240] RSP: 002b:00007f57a028f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  698.487608][T23240] RAX: ffffffffffffffda RBX: 00007f57a1a85fa0 RCX: 00007f57a182eec9
[  698.487626][T23240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  698.487642][T23240] RBP: 00007f57a028f090 R08: 00002000000001c0 R09: 0000000000000014
[  698.487677][T23240] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  698.487716][T23240] R13: 00007f57a1a86038 R14: 00007f57a1a85fa0 R15: 00007ffcc66ca858
[  698.487734][T23240]  </TASK>
[  698.663007][   T52] Buffer I/O error on dev loop1, logical block 80, lost async page write
[  698.736626][T23244] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6076'.
[  698.762750][T23246] FAULT_INJECTION: forcing a failure.
[  698.762750][T23246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  698.775931][T23246] CPU: 0 UID: 0 PID: 23246 Comm: syz.0.6077 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  698.776008][T23246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  698.776021][T23246] Call Trace:
[  698.776028][T23246]  <TASK>
[  698.776055][T23246]  __dump_stack+0x1d/0x30
[  698.776076][T23246]  dump_stack_lvl+0xe8/0x140
[  698.776095][T23246]  dump_stack+0x15/0x1b
[  698.776137][T23246]  should_fail_ex+0x265/0x280
[  698.776187][T23246]  should_fail+0xb/0x20
[  698.776217][T23246]  should_fail_usercopy+0x1a/0x20
[  698.776239][T23246]  _copy_from_user+0x1c/0xb0
[  698.776339][T23246]  ___sys_sendmsg+0xc1/0x1d0
[  698.776536][T23246]  __x64_sys_sendmsg+0xd4/0x160
[  698.776633][T23246]  x64_sys_call+0x191e/0x3000
[  698.776660][T23246]  do_syscall_64+0xd2/0x200
[  698.776689][T23246]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  698.776797][T23246]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  698.776879][T23246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  698.776904][T23246] RIP: 0033:0x7f57a182eec9
[  698.776990][T23246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  698.777047][T23246] RSP: 002b:00007f57a028f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  698.777071][T23246] RAX: ffffffffffffffda RBX: 00007f57a1a85fa0 RCX: 00007f57a182eec9
[  698.777107][T23246] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  698.777122][T23246] RBP: 00007f57a028f090 R08: 0000000000000000 R09: 0000000000000000
[  698.777138][T23246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  698.777152][T23246] R13: 00007f57a1a86038 R14: 00007f57a1a85fa0 R15: 00007ffcc66ca858
[  698.777169][T23246]  </TASK>
[  699.006233][T23250] netlink: 68 bytes leftover after parsing attributes in process `syz.0.6079'.
[  699.025468][T23251] SELinux: failed to load policy
[  699.048327][T23251] x_tables: ip6_tables: mh match: only valid for protocol 135
[  699.157495][T23263] loop1: detected capacity change from 0 to 1024
[  699.181797][T23263] EXT4-fs: Ignoring removed orlov option
[  699.200514][T23262] loop0: detected capacity change from 0 to 512
[  699.217631][T23268] loop4: detected capacity change from 0 to 1024
[  699.234913][T23268] EXT4-fs: Ignoring removed nobh option
[  699.240508][T23268] EXT4-fs: Ignoring removed bh option
[  699.253064][T23262] ext4 filesystem being mounted at /559/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  699.283638][T23275] loop1: detected capacity change from 0 to 1024
[  699.290403][T23275] EXT4-fs: Ignoring removed orlov option
[  699.299142][T23273] loop7: detected capacity change from 0 to 1024
[  699.307762][T23273] EXT4-fs: Ignoring removed nobh option
[  699.313446][T23273] EXT4-fs: Ignoring removed bh option
[  699.321051][T23262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6084'.
[  699.331000][T23262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6084'.
[  699.356164][T23268] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  699.367053][T23273] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  699.402690][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  699.402708][   T29] audit: type=1400 audit(1760552880.626:19824): avc:  denied  { read } for  pid=23274 comm="syz.1.6088" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  699.439059][T23275] gretap0: entered promiscuous mode
[  699.444773][T23275] macsec1: entered promiscuous mode
[  699.450267][T23275] macsec1: entered allmulticast mode
[  699.455670][T23275] gretap0: entered allmulticast mode
[  699.464759][T23275] gretap0: left allmulticast mode
[  699.469902][T23275] gretap0: left promiscuous mode
[  699.502141][   T29] audit: type=1400 audit(1760552880.716:19825): avc:  denied  { setcurrent } for  pid=23286 comm="syz.4.6090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  699.548710][T23293] FAULT_INJECTION: forcing a failure.
[  699.548710][T23293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  699.561864][T23293] CPU: 1 UID: 0 PID: 23293 Comm: syz.7.6092 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  699.561949][T23293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  699.561967][T23293] Call Trace:
[  699.561975][T23293]  <TASK>
[  699.561984][T23293]  __dump_stack+0x1d/0x30
[  699.562066][T23293]  dump_stack_lvl+0xe8/0x140
[  699.562088][T23293]  dump_stack+0x15/0x1b
[  699.562110][T23293]  should_fail_ex+0x265/0x280
[  699.562154][T23293]  should_fail+0xb/0x20
[  699.562190][T23293]  should_fail_usercopy+0x1a/0x20
[  699.562212][T23293]  _copy_from_user+0x1c/0xb0
[  699.562285][T23293]  ___sys_sendmsg+0xc1/0x1d0
[  699.562396][T23293]  __x64_sys_sendmsg+0xd4/0x160
[  699.562508][T23293]  x64_sys_call+0x191e/0x3000
[  699.562531][T23293]  do_syscall_64+0xd2/0x200
[  699.562559][T23293]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  699.562614][T23293]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  699.562730][T23293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.562759][T23293] RIP: 0033:0x7fb8ba00eec9
[  699.562800][T23293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  699.562824][T23293] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  699.562849][T23293] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  699.562864][T23293] RDX: 0000000004000000 RSI: 0000200000000200 RDI: 0000000000000003
[  699.562882][T23293] RBP: 00007fb8b8a6f090 R08: 0000000000000000 R09: 0000000000000000
[  699.562956][T23293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  699.563021][T23293] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  699.563048][T23293]  </TASK>
[  699.780113][T23302] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6097'.
[  699.790920][T23298] loop0: detected capacity change from 0 to 1024
[  699.798003][T23298] EXT4-fs: Ignoring removed nobh option
[  699.803611][T23298] EXT4-fs: Ignoring removed bh option
[  699.809141][T23303] netlink: 'syz.1.6095': attribute type 39 has an invalid length.
[  699.855766][T23311] loop7: detected capacity change from 0 to 1024
[  699.865077][   T29] audit: type=1326 audit(1760552881.076:19826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  699.888710][   T29] audit: type=1326 audit(1760552881.076:19827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  699.912326][   T29] audit: type=1326 audit(1760552881.086:19828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  699.935928][   T29] audit: type=1326 audit(1760552881.086:19829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  699.960651][T23298] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  699.961454][T23311] EXT4-fs: Ignoring removed nobh option
[  699.969066][   T29] audit: type=1326 audit(1760552881.186:19830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  699.974449][T23311] EXT4-fs: Ignoring removed bh option
[  699.998055][   T29] audit: type=1326 audit(1760552881.186:19831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.0.6096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57a182eec9 code=0x7ffc0000
[  700.053792][T23315] netlink: 'syz.0.6101': attribute type 39 has an invalid length.
[  700.068614][T23311] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000.
[  700.075131][T23317] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6102'.
[  700.108886][T23322] loop4: detected capacity change from 0 to 128
[  700.250811][T23322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6104'.
[  700.259759][T23322] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6104'.
[  700.307124][T23339] FAULT_INJECTION: forcing a failure.
[  700.307124][T23339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  700.320278][T23339] CPU: 0 UID: 0 PID: 23339 Comm: syz.1.6110 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  700.320311][T23339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  700.320326][T23339] Call Trace:
[  700.320337][T23339]  <TASK>
[  700.320345][T23339]  __dump_stack+0x1d/0x30
[  700.320366][T23339]  dump_stack_lvl+0xe8/0x140
[  700.320388][T23339]  dump_stack+0x15/0x1b
[  700.320404][T23339]  should_fail_ex+0x265/0x280
[  700.320556][T23339]  should_fail+0xb/0x20
[  700.320659][T23339]  should_fail_usercopy+0x1a/0x20
[  700.320687][T23339]  _copy_from_user+0x1c/0xb0
[  700.320774][T23339]  ___sys_sendmsg+0xc1/0x1d0
[  700.320872][T23339]  __x64_sys_sendmsg+0xd4/0x160
[  700.320907][T23339]  x64_sys_call+0x191e/0x3000
[  700.321046][T23339]  do_syscall_64+0xd2/0x200
[  700.321083][T23339]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  700.321119][T23339]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  700.321150][T23339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.321173][T23339] RIP: 0033:0x7effb297eec9
[  700.321188][T23339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.321207][T23339] RSP: 002b:00007effb13df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.321228][T23339] RAX: ffffffffffffffda RBX: 00007effb2bd5fa0 RCX: 00007effb297eec9
[  700.321246][T23339] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  700.321328][T23339] RBP: 00007effb13df090 R08: 0000000000000000 R09: 0000000000000000
[  700.321340][T23339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.321389][T23339] R13: 00007effb2bd6038 R14: 00007effb2bd5fa0 R15: 00007ffd019352f8
[  700.321416][T23339]  </TASK>
[  700.553793][T23335] syzkaller0: entered promiscuous mode
[  700.559332][T23335] syzkaller0: entered allmulticast mode
[  700.725770][T23344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6111'.
[  700.732856][T23346] loop1: detected capacity change from 0 to 1024
[  700.741760][T23346] EXT4-fs: Ignoring removed nobh option
[  700.747359][T23346] EXT4-fs: Ignoring removed bh option
[  700.771199][   T29] audit: type=1326 audit(1760552881.986:19832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23345 comm="syz.1.6112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effb297eec9 code=0x7ffc0000
[  700.797907][T23346] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  700.802869][   T29] audit: type=1326 audit(1760552882.016:19833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23345 comm="syz.1.6112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effb297eec9 code=0x7ffc0000
[  700.845444][T22843] EXT4-fs unmount: 41 callbacks suppressed
[  700.845463][T22843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.935228][T23356] FAULT_INJECTION: forcing a failure.
[  700.935228][T23356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  700.948456][T23356] CPU: 0 UID: 0 PID: 23356 Comm: syz.7.6116 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  700.948484][T23356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  700.948497][T23356] Call Trace:
[  700.948503][T23356]  <TASK>
[  700.948513][T23356]  __dump_stack+0x1d/0x30
[  700.948541][T23356]  dump_stack_lvl+0xe8/0x140
[  700.948568][T23356]  dump_stack+0x15/0x1b
[  700.948591][T23356]  should_fail_ex+0x265/0x280
[  700.948689][T23356]  should_fail+0xb/0x20
[  700.948773][T23356]  should_fail_usercopy+0x1a/0x20
[  700.948797][T23356]  _copy_from_user+0x1c/0xb0
[  700.948831][T23356]  __sys_bind+0x106/0x2a0
[  700.948863][T23356]  __x64_sys_bind+0x3f/0x50
[  700.948959][T23356]  x64_sys_call+0x2b72/0x3000
[  700.949045][T23356]  do_syscall_64+0xd2/0x200
[  700.949077][T23356]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  700.949112][T23356]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  700.949134][T23356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.949173][T23356] RIP: 0033:0x7fb8ba00eec9
[  700.949189][T23356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.949276][T23356] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  700.949297][T23356] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  700.949311][T23356] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000006
[  700.949324][T23356] RBP: 00007fb8b8a6f090 R08: 0000000000000000 R09: 0000000000000000
[  700.949337][T23356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.949424][T23356] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  700.949445][T23356]  </TASK>
[  701.163842][T23361] loop0: detected capacity change from 0 to 1024
[  701.170569][T23361] EXT4-fs: Ignoring removed orlov option
[  701.197833][T23361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.230302][T14373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.235516][T23367] loop1: detected capacity change from 0 to 128
[  701.295717][T23373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6124'.
[  701.338546][T23382] syz.4.6128 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  701.353857][T23384] loop6: detected capacity change from 0 to 128
[  701.412862][T23392] program syz.4.6131 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  701.473655][T23397] program syz.1.6133 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  701.500204][T23401] FAULT_INJECTION: forcing a failure.
[  701.500204][T23401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  701.513397][T23401] CPU: 0 UID: 0 PID: 23401 Comm: syz.7.6135 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  701.513421][T23401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  701.513458][T23401] Call Trace:
[  701.513464][T23401]  <TASK>
[  701.513471][T23401]  __dump_stack+0x1d/0x30
[  701.513490][T23401]  dump_stack_lvl+0xe8/0x140
[  701.513507][T23401]  dump_stack+0x15/0x1b
[  701.513522][T23401]  should_fail_ex+0x265/0x280
[  701.513623][T23401]  should_fail+0xb/0x20
[  701.513651][T23401]  should_fail_usercopy+0x1a/0x20
[  701.513673][T23401]  _copy_from_user+0x1c/0xb0
[  701.513695][T23401]  ___sys_sendmsg+0xc1/0x1d0
[  701.513734][T23401]  __x64_sys_sendmsg+0xd4/0x160
[  701.513814][T23401]  x64_sys_call+0x191e/0x3000
[  701.513835][T23401]  do_syscall_64+0xd2/0x200
[  701.513868][T23401]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  701.513902][T23401]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  701.513957][T23401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.513978][T23401] RIP: 0033:0x7fb8ba00eec9
[  701.513994][T23401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  701.514018][T23401] RSP: 002b:00007fb8b8a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  701.514042][T23401] RAX: ffffffffffffffda RBX: 00007fb8ba265fa0 RCX: 00007fb8ba00eec9
[  701.514091][T23401] RDX: 0000000024044880 RSI: 0000200000000540 RDI: 0000000000000003
[  701.514152][T23401] RBP: 00007fb8b8a6f090 R08: 0000000000000000 R09: 0000000000000000
[  701.514168][T23401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  701.514182][T23401] R13: 00007fb8ba266038 R14: 00007fb8ba265fa0 R15: 00007ffd3ba7b108
[  701.514226][T23401]  </TASK>
[  701.755355][T23408] erspan0: entered promiscuous mode
[  701.760669][T23408] vlan2: entered promiscuous mode
[  701.826194][T12325] ==================================================================
[  701.834339][T12325] BUG: KCSAN: data-race in pty_stop / pty_unix98_ioctl
[  701.841232][T12325] 
[  701.843562][T12325] write to 0xffff8881199ed5d5 of 1 bytes by task 23416 on cpu 0:
[  701.851286][T12325]  pty_unix98_ioctl+0x2c0/0x2e0
[  701.856168][T12325]  tty_ioctl+0x7d8/0xb80
[  701.860422][T12325]  __se_sys_ioctl+0xce/0x140
[  701.865021][T12325]  __x64_sys_ioctl+0x43/0x50
[  701.869617][T12325]  x64_sys_call+0x1816/0x3000
[  701.874305][T12325]  do_syscall_64+0xd2/0x200
[  701.878821][T12325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.884726][T12325] 
[  701.887070][T12325] read to 0xffff8881199ed5d5 of 1 bytes by task 12325 on cpu 1:
[  701.894698][T12325]  pty_stop+0x3f/0xe0
[  701.898698][T12325]  stop_tty+0x8d/0xe0
[  701.902689][T12325]  n_tty_receive_char_flow_ctrl+0xec/0x1a0
[  701.908517][T12325]  n_tty_receive_buf_standard+0x4d2/0x2f10
[  701.914346][T12325]  n_tty_receive_buf_common+0x805/0xbe0
[  701.919910][T12325]  n_tty_receive_buf2+0x33/0x40
[  701.924778][T12325]  tty_ldisc_receive_buf+0x66/0xf0
[  701.929902][T12325]  tty_port_default_receive_buf+0x59/0x90
[  701.935647][T12325]  flush_to_ldisc+0x148/0x340
[  701.940363][T12325]  process_scheduled_works+0x4ce/0x9d0
[  701.945848][T12325]  worker_thread+0x582/0x770
[  701.950448][T12325]  kthread+0x489/0x510
[  701.954526][T12325]  ret_from_fork+0x122/0x1b0
[  701.959128][T12325]  ret_from_fork_asm+0x1a/0x30
[  701.963916][T12325] 
[  701.966247][T12325] value changed: 0x00 -> 0x01
[  701.970923][T12325] 
[  701.973255][T12325] Reported by Kernel Concurrency Sanitizer on:
[  701.979412][T12325] CPU: 1 UID: 0 PID: 12325 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  701.989492][T12325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  701.999989][T12325] Workqueue: events_unbound flush_to_ldisc
[  702.005900][T12325] ==================================================================
[  702.028576][T23422] netlink: 'syz.4.6143': attribute type 1 has an invalid length.
[  702.048498][T23422] 8021q: adding VLAN 0 to HW filter on device bond1
[  702.073572][T23422] bond1: (slave veth3): Enslaving as an active interface with a down link
[  702.086745][T23422] 8021q: adding VLAN 0 to HW filter on device batadv1
[  702.094118][T23422] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  702.134866][T23426] netlink: 'syz.4.6143': attribute type 4 has an invalid length.
[  702.146049][T23426] netlink: 'syz.4.6143': attribute type 4 has an invalid length.