last executing test programs:

4m20.80493895s ago: executing program 3 (id=2461):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

4m20.711160858s ago: executing program 3 (id=2462):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000)=<r1=>0x0)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000001040)={0x27, r1, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3c}, 0x60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
flistxattr(r4, 0x0, 0x0) (fail_nth: 7)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f0000000180)=0x8)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0xb6f8000)
getxattr(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="e64a7bf5bff03f8f5263e9060582b11e6889cfa80947151bba393805353e1e351b2ca295ce1326424e11fec6ee2c42b3e7944889ecc71ee56a50023788da5ac882f1a872b65c9abde0a788344a299f65711a887f6f30691031b5cf3b26c5a128a303ba63ccd342cf769c4e265359a228d7a9435848f7c8142fbc6e6c9e184847072e77925dee2478e0e47b2331a0d99b03b0b3969c7ef89aaf04ff62225ee944042c54601d66be5af0f8dd775ebc8b75c3834ec9ed89e3e9c24f9b93377dee7162d81325d33db9fe0cd9de8c18abe6d9878518995a0906051237ee6d849b05e7f38463bbc5bce5dad0a5be4de7b1ad38ccf20bdafd71212e4c68f6b44db68c6c"], 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mlockall(0x7)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0xc8101339d852ece3, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x4, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x5}, 0x18)
lsm_set_self_attr(0x69, 0x0, 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000800000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x94)
lsm_get_self_attr(0x66, &(0x7f0000000380)={0x0, 0x0, 0x65, 0x45, ""/69}, &(0x7f00000000c0)=0x65, 0x1)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40082, 0x2, @perf_bp={0x0, 0x1}, 0x1100, 0x5, 0x3a65, 0x5, 0xffffffffffffffff, 0xa, 0xfffd, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xe, 0x0, &(0x7f0000000080)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES16, @ANYRES32=r7, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1a, 0xd, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRESDEC, @ANYRES16=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x800, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f0000000440)={'veth0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x48a, &(0x7f0000000ac0)={[{@jqfmt_vfsold}, {@grpjquota, 0x22}, {@errors_continue}, {@grpjquota}, {@nombcache}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}, 0x22}, {@errors_continue}, {@nombcache}, {@abort}], [{@smackfsroot={'smackfsroot', 0x3d, 'kmem_cache_free\x00'}}, {@obj_user={'obj_user', 0x3d, '/dev/net/tun\x00'}}, {@dont_hash}]}, 0x5, 0x463, &(0x7f0000001300)="$eJzs3MtvG0UYAPBv7Th9k1DKo6WFQEFUPJImfdADlyKQOICEBIciTiFNq1K3QU2QaFVByqEcUSXuiCMS4g/gQrkg4ITEFe4IqaBcKJyM1t5N3cR2nMSOS/37SZvMeMaa+XZ37PGs1wH0rZH0TxKxPSJ+jYihWvb2CiO1fzcXLk/9s3B5KolK5Y2/kmq9vxcuT+VV8+dtq2UqlRbtXn07YrJcnr6Q5cfmzr03Nnvx0nNnzk2enj49fX7i2LHDh/YNHp040pE4d6R93fPhzN7dr7x17bWpE9fe+fGrtL/bs/L6ODplpLZ3G3qy04312I66dDLQw46wKsWISA9XqTr+h6IYWxbLhuLlj3vaOaCrKpVCZVPz4vkKcBdLJ+pAP8rf6NPPv/m2QVOPO8KN47G4jnEz22olA1HI6pSyz0jdMBIRJ+b//TzdokvrEAAA9a4fj4hnG83/CvFAXb17smtDwxFxb0TsjIj7ImJXRNwfUa37YEQ81Ga7+Srz0isky+c/laE1B9eGdP73QnZt6/b5Xz77i+FilttRjb+UnDpTnj6Y7ZMDUdqU5sdbtPHdS7982qysfv6Xbmn7+Vww68cfA0sW6E5Ozk2uJ+Z6N65E7BloFH+yOOdN58e7I2LPGts48/SXe5uVrRx/Cx2YlFe+iHiqdvznY0n8uaTp9cnx549OHBnbHOXpg2P5WbHcTz9ffT1rLVlatq74O+DG9UpsbXj+L3Z1ONkcMXvx0tnq9drZ1bdx9bdPmn6mWev5P5i8WU0PZo99MDk3d2E8YjB5dfnjE7eem+fz+un5f2B/4/G/M27tiYcjIj2J90XEIxHxaNb3xyLi8YjY3yL+H1584t3Vx99iVb6D0vj/LK1w/KP++K8+UTz7/Terjz+XHv/D1dSB7JF2Xv9a9evKhfWczQAAAPD/U6h+Bz4pjC6mC4XR0dp3+HfF1kJ5ZnbumVMz758/Wfuu/HCUCvlK11Ddeuh4tjac5yeW5A9l68afFbdU86NTM+WTvQ4e+ty2JuM/9Xux170Dus79WtC/jH/oX+2N//mu9wPYeN7/oX81Gv9fe1GAvtBoqH/Ug34AG2+Ft/otG9UPYOOZ6kP/Mv6hfxn/0Jea3iRfWNct/xJdSJTaqPPt4Pp+q6H9RBTukN1y1yRK0bBooOWPWXQgsalhUa9fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//X27lkw==")

4m20.248266985s ago: executing program 3 (id=2472):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000"], 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000085e048e0000000000000109022400010000800f0904000004030000000921faff"], 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETAF(r3, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "feeeff000000001b"})
write$binfmt_aout(r3, &(0x7f0000000100)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r4 = syz_open_pts(r3, 0x8182)
r5 = dup3(r4, r3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r6}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
close(0xffffffffffffffff)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x17)

4m19.30734554s ago: executing program 3 (id=2490):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000019280)=ANY=[@ANYBLOB="1c0000001a0001002dbd020000000000812080000000000000000000"], 0x1c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000400), 0x1, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f4)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x7000, 0x0, 0x10)

4m18.844469027s ago: executing program 3 (id=2502):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, 0x0, 0x10)

4m18.524560593s ago: executing program 3 (id=2507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x40040)

4m18.524250082s ago: executing program 32 (id=2507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000500"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x40040)

1m24.828867848s ago: executing program 1 (id=5284):
r0 = socket(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={0x0, r2, 0x0, 0x200000000003}, 0x18)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000000)=0xf, 0x4)

1m24.675867501s ago: executing program 1 (id=5287):
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x18, &(0x7f0000000080)=0x7f97, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
rseq(&(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x8000000000000000, 0x8a, 0x8}, 0x2}, 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000200)=0x800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfffffffffffffffe, 0x0, &(0x7f0000006680)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000100)="e0b9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r3, &(0x7f0000000080)=""/34, 0x22)
r4 = socket$inet6(0xa, 0x3, 0x3c)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r6 = socket(0x1e, 0x805, 0x0)
connect$tipc(r6, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x0, 0x200000}, 0x2}}, 0x10)
connect$tipc(r6, &(0x7f0000000000)=@id, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0xfffffffe, @local, 0x4}, 0x1c)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)}], 0x1)

1m24.452790318s ago: executing program 1 (id=5292):
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m24.42843552s ago: executing program 1 (id=5294):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000580)=[{0x3, 0x3, {0x1, 0x1}, {0x0, 0xff, 0x1}}], 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x0, 0x22, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc8180ca434bccfda2e499b3dcf581", 0x0, 0xa1b, 0x0, 0x2f, 0x0, &(0x7f0000000280)="010a", 0x0, 0x0, 0x0, 0x2}, 0xc)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xfffffffc, 0x0, 0x2})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], &(0x7f0000000080)=[0x400000000000], 0x1}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x0, 0x1}, 0x20)
sendmsg$kcm(r3, 0x0, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000840)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@flag='dirsync'}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
r6 = syz_clone(0xa00200, 0x0, 0xfffffffffffffef2, 0x0, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = syz_open_procfs(r6, &(0x7f0000000040)='stat\x00')
pread64(r8, &(0x7f0000000140)=""/15, 0xf, 0x4)

1m24.067164079s ago: executing program 1 (id=5311):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000580)=[{0x3, 0x3, {0x1, 0x1}, {0x0, 0xff, 0x1}}], 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x0, 0x22, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc8180ca434bccfda2e499b3dcf581", 0x0, 0xa1b, 0x0, 0x2f, 0x0, &(0x7f0000000280)="010a", 0x0, 0x0, 0x0, 0x2}, 0xc)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xfffffffc, 0x0, 0x2})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], &(0x7f0000000080)=[0x400000000000], 0x1}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r4, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x0, 0x1}, 0x20)
sendmsg$kcm(r3, 0x0, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000840)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@flag='dirsync'}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
r6 = syz_clone(0xa00200, 0x0, 0xfffffffffffffef2, 0x0, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = syz_open_procfs(r6, &(0x7f0000000040)='stat\x00')
pread64(r8, &(0x7f0000000140)=""/15, 0xf, 0x4)

1m23.664073612s ago: executing program 1 (id=5306):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

1m23.610471206s ago: executing program 33 (id=5306):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

2.686293075s ago: executing program 0 (id=6608):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.562701005s ago: executing program 0 (id=6609):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(0x0)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="fce6a65c476d7c8c264d89763af875dc03d87049f2f527d86797599a9ba87344b843b7791d0e6a1f8687b680d93827e5f2363f513e9fb292482f32473015438634d249bf031f29e00ebb4ca0d5038b4f6ccd7d6239c8ac178540b41256c689e03fa84b3cad6361d6b842ed075c9afbe92c76a02ffe8db8dae05ec54b6be751fcb74cc0c456a3ac60753f66ac4742cdfc13601a228ead50f47d0a41fc506015da89e19a1c7461b2ea38721efd0974373e09ab579abc2f4eec06b5f5cbf01d89dbd1dba637828de99ca5ea524c42677be35aefb80b6a37", 0xd6}, {&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667a512", 0xb2}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c50aecffff2870ad50df27b9611f6ef59355068d44a604882e56", 0xce}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)="e222d4faa00621dc09a924d3983e069ff151360fb52cfec7593042664930fa624a0a107cde2192afa58520a80a264c45c7f6c4e6afd54543ea4f", 0x3a}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

2.272844049s ago: executing program 2 (id=6614):
unshare(0x400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x1, 0x99, &(0x7f0000000240)=""/153}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@grpquota}, {@data_err_ignore}, {@grpjquota, 0x22}, {@nodiscard}, {@errors_remount}, {@nodelalloc}, {@sysvgroups}, {@norecovery}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3M1PXFUbAPBnZhha2vLCW2u12CpajcQPKPTDLtzUaOJCExNd1LhCoA12WkzBxDZE0QUuTRP3xqWJf4Eb68aoKxO3ujcmxLCxuhpzZ+6FKcwAAwNTnd8vue05cy4557n3nplnzp2ZADrWYPJPLuJQRPwSEX3V6t07DFb/u7M8P/HX8vxELsrl1//IVfb7c3l+Its1+7uD1Uq5vEG/i29FjJdKU9fT+sjc1XdHZm/cfHb66vjlqctT18bOnz9z+kT3ubGzLYmzNxnrwAczx4+9/OatVycu3nr7h6+S8R5K22vjaJXB6tGt64lWd9ZmvTXlXFcbB0JTChGRnK5iZf73RSF6Vtr64qWP2zo4YFeVy/nyvsbNC2XgPyxJ1IFOlL3QJ+9/s22PUo97wtKFWFnHuJNu1ZauyKf7FNP3SLthMCIuLvz9ebLFLq1DAADUun0hIp6pl//l4+j+1f3+l94b6o+I/0fE4Yi4LyKORMT9EXE0Ih6IiAeb7H/tHZL1+U+5b3uRbU2S/z2f3tu6O//Lsr/oL6S13kr8xdyl6dLUqfSYDEVxX1If3aCPb1/8+dNGbbX5X7Il/We5YDqO37vWLNBNjs+N7yTmWksfRQx01Ys/t5LzJvnxsYgY2GYf0099ebxR2+bxb6AFSXn5i4gnq+d/IdbEn8k1vD85+ty5sbMj+6M0dWokuyrW+/Gnxdca9b+j+Ftg6XY5DtS9/lfi78/tj5i9cfNK5X7tbPN9LP76ScP3NNu9/rtzb1TK3elj74/PzV0fjejOvbL+8bHVv83q2f7J9T90sv78PxyrR+KhiEgu4hMR8XBEPJKO/dGIeCwiTm4Q//cvPP5O8/FvsCrfQkn8k5ud/6g9/80XCle++7r5+DPJ+T9TKQ2lj2zl+W+rA9zJsQMAAIB/i3zlM/C5/PBKOZ8fHq5+hv9IHMiXZmbnnr408961yepn5fujmM9Wuvpq1kNH07XhrD62pn46XTf+rNBTqQ9PzJQm2x08dLiDDeZ/4rdCu0cH7Drf14LOZf5D5zL/oXOZ/9C5zH/oXPXm/4dtGAew9zZ5/e/Zq3EAe0/+D53L/IfOZf5DR2r43fj8jr7yr9CmwjfdO/uthq0XIn+PhLzrhWJE7EVfxajb1LXlH7PYZmFf3aZ2PzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//37l4X0=")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")
clock_adjtime(0xffffffd3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
unshare(0x6040400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xa8}, 0x18)
io_uring_setup(0x31fa, &(0x7f00000001c0)={0x0, 0x6a93, 0x40, 0x2, 0xd1})
socket$nl_rdma(0x10, 0x3, 0x14)
socket(0xa, 0x3, 0x3a)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x44840)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
mknod$loop(0x0, 0x2000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
unshare(0x100)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601060000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

2.174095577s ago: executing program 2 (id=6615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x18, r2, 0x6a98047402e98331, 0x70bd2a, 0x0, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x50}, 0x4886)

2.13391496s ago: executing program 2 (id=6617):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667", 0xb0}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c50aecffff2870ad50df27b9611f6ef59355068d44a604882e56", 0xce}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)="e222d4faa00621dc09a924d3983e069ff151360fb52cfec7593042664930fa624a0a107cde2192afa58520a80a264c45c7f6c4e6afd54543ea4f", 0x3a}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

1.704330814s ago: executing program 0 (id=6626):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(0x0)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="fce6a65c476d7c8c264d89763af875dc03d87049f2f527d86797599a9ba87344b843b7791d0e6a1f8687b680d93827e5f2363f513e9fb292482f32473015438634d249bf031f29e00ebb4ca0d5038b4f6ccd7d6239c8ac178540b41256c689e03fa84b3cad6361d6b842ed075c9afbe92c76a02ffe8db8dae05ec54b6be751fcb74cc0c456a3ac60753f66ac4742cdfc13601a228ead50f47d0a41fc506015da89e19a1c7461b2ea38721efd0974373e09ab579abc2f4eec06b5f5cbf01d89dbd1dba637828de99ca5ea524c42677be35aefb80b6a3702", 0xd7}, {&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667a512", 0xb2}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c5", 0xb5}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

1.409237168s ago: executing program 5 (id=6631):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a3000000000090003007379"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x20008040)

1.3770203s ago: executing program 5 (id=6632):
setuid(0xee01)
r0 = semget$private(0x0, 0x6, 0x3b1)
semop(r0, &(0x7f0000000000)=[{0x0, 0xea, 0x1000}, {0x0, 0x0, 0x1000}], 0x2)
semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000440)={{0x2, 0x0, 0x0, 0xee01, 0x0, 0x2, 0x1}, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffb})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x30a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x3b51, &(0x7f00000003c0)={0x0, 0x763, 0x80, 0x2, 0x1c2}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000680)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1})
r7 = msgget$private(0x0, 0x0)
msgrcv(r7, 0x0, 0x0, 0x1, 0x2000)
io_uring_enter(r4, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8, 0x0, 0x4}, 0x18)

1.267502249s ago: executing program 2 (id=6634):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2, &(0x7f0000fee000)=0x3fa, 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresuid(0x0, 0xee00, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
close_range(r0, 0xffffffffffffffff, 0x0)

1.222872103s ago: executing program 2 (id=6636):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(0x0)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="fce6a65c476d7c8c264d89763af875dc03d87049f2f527d86797599a9ba87344b843b7791d0e6a1f8687b680d93827e5f2363f513e9fb292482f32473015438634d249bf031f29e00ebb4ca0d5038b4f6ccd7d6239c8ac178540b41256c689e03fa84b3cad6361d6b842ed075c9afbe92c76a02ffe8db8dae05ec54b6be751fcb74cc0c456a3ac60753f66ac4742cdfc13601a228ead50f47d0a41fc506015da89e19a1c7461b2ea38721efd0974373e09ab579abc2f4eec06b5f5cbf01d89dbd1dba637828de99ca5ea524c42677be35aefb80b6a37", 0xd6}, {&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667a512", 0xb2}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c50aecffff2870ad50df27b9611f6ef59355068d44a604882e56", 0xce}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)="e222d4faa00621dc09a924d3983e069ff151360fb52cfec7593042664930fa624a0a107cde2192afa58520a80a264c45c7f6c4e6afd54543ea4f", 0x3a}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

846.621943ms ago: executing program 0 (id=6639):
perf_event_open(&(0x7f0000001300)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

794.673627ms ago: executing program 0 (id=6640):
unshare(0x400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x1, 0x99, &(0x7f0000000240)=""/153}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@grpquota}, {@data_err_ignore}, {@grpjquota, 0x22}, {@nodiscard}, {@errors_remount}, {@nodelalloc}, {@sysvgroups}, {@norecovery}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3M1PXFUbAPBnZhha2vLCW2u12CpajcQPKPTDLtzUaOJCExNd1LhCoA12WkzBxDZE0QUuTRP3xqWJf4Eb68aoKxO3ujcmxLCxuhpzZ+6FKcwAAwNTnd8vue05cy4557n3nplnzp2ZADrWYPJPLuJQRPwSEX3V6t07DFb/u7M8P/HX8vxELsrl1//IVfb7c3l+Its1+7uD1Uq5vEG/i29FjJdKU9fT+sjc1XdHZm/cfHb66vjlqctT18bOnz9z+kT3ubGzLYmzNxnrwAczx4+9/OatVycu3nr7h6+S8R5K22vjaJXB6tGt64lWd9ZmvTXlXFcbB0JTChGRnK5iZf73RSF6Vtr64qWP2zo4YFeVy/nyvsbNC2XgPyxJ1IFOlL3QJ+9/s22PUo97wtKFWFnHuJNu1ZauyKf7FNP3SLthMCIuLvz9ebLFLq1DAADUun0hIp6pl//l4+j+1f3+l94b6o+I/0fE4Yi4LyKORMT9EXE0Ih6IiAeb7H/tHZL1+U+5b3uRbU2S/z2f3tu6O//Lsr/oL6S13kr8xdyl6dLUqfSYDEVxX1If3aCPb1/8+dNGbbX5X7Il/We5YDqO37vWLNBNjs+N7yTmWksfRQx01Ys/t5LzJvnxsYgY2GYf0099ebxR2+bxb6AFSXn5i4gnq+d/IdbEn8k1vD85+ty5sbMj+6M0dWokuyrW+/Gnxdca9b+j+Ftg6XY5DtS9/lfi78/tj5i9cfNK5X7tbPN9LP76ScP3NNu9/rtzb1TK3elj74/PzV0fjejOvbL+8bHVv83q2f7J9T90sv78PxyrR+KhiEgu4hMR8XBEPJKO/dGIeCwiTm4Q//cvPP5O8/FvsCrfQkn8k5ud/6g9/80XCle++7r5+DPJ+T9TKQ2lj2zl+W+rA9zJsQMAAIB/i3zlM/C5/PBKOZ8fHq5+hv9IHMiXZmbnnr408961yepn5fujmM9Wuvpq1kNH07XhrD62pn46XTf+rNBTqQ9PzJQm2x08dLiDDeZ/4rdCu0cH7Drf14LOZf5D5zL/oXOZ/9C5zH/oXPXm/4dtGAew9zZ5/e/Zq3EAe0/+D53L/IfOZf5DR2r43fj8jr7yr9CmwjfdO/uthq0XIn+PhLzrhWJE7EVfxajb1LXlH7PYZmFf3aZ2PzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//37l4X0=")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")
clock_adjtime(0xffffffd3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
unshare(0x6040400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xa8}, 0x18)
io_uring_setup(0x31fa, &(0x7f00000001c0)={0x0, 0x6a93, 0x40, 0x2, 0xd1})
socket$nl_rdma(0x10, 0x3, 0x14)
socket(0xa, 0x3, 0x3a)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x44840)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
mknod$loop(0x0, 0x2000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
unshare(0x100)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601060000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

717.034833ms ago: executing program 4 (id=6642):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a3000000000090003007379"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x20008040)

703.548114ms ago: executing program 6 (id=6643):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18)
lsm_set_self_attr(0x69, 0x0, 0x42, 0x0)
lsm_get_self_attr(0x66, &(0x7f0000000380)={0x0, 0x0, 0x65, 0x45, ""/69}, &(0x7f00000000c0)=0x65, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x48a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@grpjquota, 0x22}, {@errors_continue}, {@noload}, {@nombcache}, {@usrjquota, 0x22}, {@errors_continue}, {@nombcache}, {@barrier}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3MtvG8UfAPDv2nH6/iW/Uh4tLQQKouKRNOmDHrgUgcQBJCQ4FHEKaVqFug1KgkSrCFIO4YgqcUcckfgLuFAuCDghcYU7QgooFwono7V3UzexnZcTl/rzkTaZ8Yw18/XO2ONZ2wF0rYH0TxKxNyJ+iYi+WvbOCgO1f7cWZ8f+XpwdS6JSeePPpFrvr8XZsbxqfr89tUyl0qLd+bcjRsvl8aksPzRz+b2h6avXnpu4PHpx/OL4lZEzZ06eONJ7euRUW+Lcl/b10IeThw++8taN18bO3Xjnh6/S/u7NyuvjaJeB2qPb0JPtbqzD9tWlk54OdoR1KUZEerpK1fnfF8XYtVTWFy9/3NHOAVuqUilUdjQvnqsA97B0oQ50o/yFPn3/mx/btPS4KyycjaV9jFvZUSvpiUJWp5S9R9oKAxFxbu6fz9MjtmgfAgCg3s2zEfFso/VfIR6oq/e/7NpQf0T8PyL2R8R9EXEgIu6PqNZ9MCIeWmO7+S7z8iskK9c/lb4NB7cG6frvheza1p3rv3z1F/3FLLevGn8puTBRHj+ePSbHorQjzQ+3aOPbl37+tFlZ/fovPdL287Vg1o/fe5Zt0J0fnRndTMz1Fq5HHOppFH+ytOZNmz8YEYc22MbE018ebla2evwttGFRXvki4qna+Z+LZfHnkqbXJ4efPz1yamhnlMePD+WjYqUff5p/PWstWV62qfjbYOFmJXY3HP9LXe1PdkZMX712qXq9dnr9bcz/+knT9zQbHf+9yZvVdG922wejMzNTwxG9yasrbx+5fd88n9dPx/+xo43n//64/Ug8HBHpID4SEY9ExKNZ3x+LiMcj4miL+L9/8Yl31x9/i135Nkrj/6O0yvmP+vO//kTx0ndfrz/+XHr+T1ZTx7Jb1vL816pf16c2M5oBAADgv6dQ/Qx8UhhcShcKg4O1z/AfiN2F8uT0zDMXJt+/cr72Wfn+KBXyna6+uv3Q4WxvOM+PLMufyPaNPyvuquYHxybL5zsdPHS5PU3mf+q3Yqd7B2w539eC7mX+Q/cy/6F7mf/Qvcx/6F6N5v9HHegHsP1Wef3ftV39ALaf9T90L/Mfupf5D12p6ZfkC5v6yr9EhxLf9G7utxrWnojCXRLyPZMoRcOinpY/ZtGGxI6GRZ1+ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiPfwMAAP//ib/kzg==")

695.677625ms ago: executing program 4 (id=6644):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={&(0x7f0000000080)="db518f79a112c6ad93c4b85a9082d3a0c30167da0e74f254f3e329cbb4544bde303e3ff4b2c8b3862407a36a31e78e21c24884a45e63dd8c568e21bd07692f643c3b3b7b144f260cc3c8e301c499608331d504252cc7a8bce78c605a6cf318a3cf04c5651876ba96cf3289b26a0f", &(0x7f0000000100)=""/132, &(0x7f00000001c0)="f045836c14c86889899ab687bdb7919ecbb3418a", &(0x7f0000000200)="d1d807d1a003700662c02a41c93185ec088e28dcf2aa0c2bdcb8e9fd5be86488305edd61f02eeb429b2ed36da7f218c769ed1c258d884f9b67e35edc858e60f5270aa201a71aeb4f748d83dc81bfb58f19d542d70dd2d8bd8adbee2d50", 0xffffffff}, 0x38)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x9c, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffe}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7a800000}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x22}}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6e}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xf}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x81}, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r2)
sendmsg$TIPC_NL_BEARER_GET(r2, &(0x7f0000000800)={&(0x7f0000000440), 0xc, &(0x7f00000007c0)={&(0x7f00000004c0)={0x294, r3, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x68, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}]}, @TIPC_NLA_LINK={0x84, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NODE={0x180, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "5d9e28b5728f510e6c6cbf033895ea93da245882cae5"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x10}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_ID={0xca, 0x3, "e19d217805fa983992661555690ca6561b2a28e6493bf33320b74737748b87cb93bd724748e4d3e29756c2a94d9f235d0c54c550241ab3c2e72faf4d1e99d7804562da0e847eeb63b010e45712271dc64be8c6ee644bc4f2813991c6d0b65e892bc390e90403491826b644b765c7b1873295c9c0fa18d6c1f92982e8f3b5c5b0027a4991c49355458fe2148a13997e1749927cd409f3427bf646b97d5dae30f8ea69b40ca3eae95317701b620074a28fa820e533f74e9f7b4130803ca8a429fe54ff37ea5018"}, @TIPC_NLA_NODE_KEY={0x40, 0x4, {'gcm(aes)\x00', 0x18, "2e50c2996b45a1c6f8450a12a0b38d98fa5e54ffb9a9210b"}}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x29ce}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa5}]}]}, 0x294}, 0x1, 0x0, 0x0, 0x4000}, 0x100)
mlockall(0x3)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000880), r2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000008c0)={'wg2\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x68, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x14}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x36}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xf8}]}, 0x68}, 0x1, 0x0, 0x0, 0x816}, 0x1)
mlockall(0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f0000000a00), &(0x7f0000000a40)}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000bc0)={'syztnl2\x00', &(0x7f0000000b40)={'syztnl2\x00', <r7=>r5, 0x29, 0x74, 0x1, 0x56d, 0x46, @private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40, 0x1, 0x8, 0x4}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c40)={0x3ff, <r8=>0x0}, 0x8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x18, 0x29, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0xfff}, [@map_fd={0x18, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x7a}, @ldst={0x3, 0x1, 0x0, 0x1, 0x0, 0x2, 0xfffffffffffffff0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000e00)='GPL\x00', 0x9768113, 0x27, &(0x7f0000000e40)=""/39, 0x40f00, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000e80)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000ec0)={0x4, 0x9, 0xfffffffe, 0x6}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000f00)=[0x1], &(0x7f0000000f40)=[{0x5, 0x5, 0xf, 0x1}, {0x2, 0x3, 0xe, 0x4}, {0x5, 0x4, 0x8, 0xc}, {0x3, 0x2, 0x6, 0xc}, {0x0, 0x2, 0xb, 0x7}, {0x0, 0x1, 0x10, 0x4}, {0x0, 0x3, 0xc}], 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0xa0efcbcd0039293d, 0x7, &(0x7f0000000ac0)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x4}], &(0x7f0000000b00)='GPL\x00', 0xeba, 0x0, 0x0, 0x41000, 0x5, '\x00', r7, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000c00)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, r8, r9, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000001140)={{0x1, 0x1, 0x18, <r10=>r0, {0xf, 0x3}}, './file0\x00'})
sendmsg$NFNL_MSG_CTHELPER_GET(r10, &(0x7f0000001240)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001200)={&(0x7f00000011c0)={0x20, 0x1, 0x9, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x5}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000010}, 0x20048800)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000001b80)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x1200010}, 0xc, &(0x7f0000001b40)={&(0x7f0000001300)={0x798, r11, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x34c, 0x11d, 0x0, 0x1, [{0x348, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x3}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x198, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x2c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x90, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xb9, 0xf7, 0x9, 0x1c, 0xe1a, 0x9, 0x10]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5b8, 0x4, 0x4, 0x9, 0x4, 0x2, 0x9863, 0x8001]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6a, 0x3, 0xc, 0x1]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x0, 0x1, 0x2, 0x4, 0xe86, 0x0, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x14, 0x2, [{0x1, 0x1}, {0x4, 0x1}, {0x1, 0xa}, {0x2, 0x8}, {0x4, 0xa}, {0x4, 0x9}, {0x2, 0x7}, {0x1, 0x2}, {0x5, 0x8}, {0x4, 0x8}, {0x3, 0x1}, {0x0, 0x6}, {0x0, 0x6}, {0x5, 0x2}, {0x7, 0x7}, {0x2, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3b2b, 0x40, 0x8, 0x5, 0x431, 0xc82, 0x0, 0x2]}}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x5, 0x30, 0x6c, 0x5, 0x40, 0x1, 0x0, 0x6, 0x3, 0x18]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_60GHZ={0x7c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3e, 0x2, [{0x6, 0x8}, {0x6, 0xa}, {0x4, 0x7}, {0x7}, {0x0, 0xa}, {0x2, 0x4}, {0x4, 0x8}, {0x5, 0x8}, {}, {0x0, 0x6}, {0x5, 0x7}, {0x1, 0x6}, {0x4, 0x3}, {0x5, 0x7}, {0x4, 0x5}, {0x7, 0x7}, {0x2, 0x7}, {0x7, 0x7}, {0x3, 0x7}, {0x7, 0xa}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0x2}, {0x4, 0x3}, {0x3}, {0x1}, {0x2, 0x7}, {0x3, 0x5}, {0x5, 0x1}, {0x2, 0xa}, {0x6}, {0x7, 0x3}, {0x1, 0x7}, {0x7, 0x4}, {0x3, 0x3}, {0x5, 0x6}, {0x0, 0x1}, {0x7, 0xa}, {0x3, 0x9}, {0x1, 0x3}, {0x2}, {0x5, 0x7}, {0x1}, {0x4, 0x4}, {0x3}, {0x5, 0x8}, {0x3}, {0x1, 0x4}, {0x0, 0x3}, {0x6, 0x6}, {0x4, 0x1}, {0x7, 0x8}, {0x4, 0x7}, {0x2, 0x8}, {0x0, 0xa}, {0x5, 0x4}, {0x1, 0x7}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfadd, 0x9, 0x2, 0x1, 0x6, 0xa, 0x2, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x9, 0x2, 0x3, 0x6, 0x9, 0x401, 0x8]}}]}, @NL80211_BAND_2GHZ={0x40, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x39, 0x2, [{0x6, 0x9}, {0x2, 0xa}, {0x2, 0x8}, {0x2, 0x4}, {0x1, 0x3}, {0x0, 0xa}, {0x5, 0x3}, {0x2, 0x3}, {0x2, 0x3}, {0x1, 0xa}, {0x4, 0x1}, {0x4, 0x4}, {0x3, 0x1}, {0x0, 0x5}, {0x5, 0x9}, {0x1, 0x6}, {0x3, 0x5}, {0x4}, {0x2, 0x4}, {0x7, 0x7}, {0x0, 0x2}, {0x1, 0x7}, {0x0, 0x5}, {0x7, 0x1}, {0x1, 0x4}, {0x1, 0x1}, {0x6, 0xb}, {0x0, 0x9}, {0x4, 0x5}, {0x6, 0x5}, {0x1, 0x4}, {0x6, 0x7}, {0x6, 0x9}, {0x1, 0x2}, {0x1}, {0x6, 0x3}, {0x1, 0x5}, {0x2, 0x3}, {0x7, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x9}, {0x1, 0x1}, {0x7, 0x5}, {0x2, 0x1}, {0x7, 0xa}, {0x0, 0x6}, {0x1, 0x5}, {0x6, 0x6}, {0x3, 0x6}, {0x3, 0xa}, {0x6, 0x9}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x2, 0x9, 0x8001, 0x5, 0x5, 0x5, 0x1]}}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x95}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x17c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x16, 0x24, 0x2, 0x6c, 0x60, 0x48, 0x4, 0x16, 0x60, 0x30, 0x7d, 0x4, 0x18, 0x60, 0x9, 0x2, 0x9, 0x6]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x3, 0xf8, 0x0, 0xf70f, 0x5f0, 0x400, 0x80]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7ff, 0x9, 0x4, 0x7fff, 0x5dc3, 0x9, 0x1]}}]}, @NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x14, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xd0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x46, 0x2, [{0x4, 0x9}, {0x1, 0x2}, {0x5, 0x8}, {0x4, 0xa}, {0x5, 0x6}, {0x0, 0x9}, {0x1, 0x7}, {0x3}, {0x2, 0x9}, {0x4, 0x4}, {0x1, 0x8}, {0x1, 0x6}, {0x6, 0x2}, {0x5, 0xa}, {}, {0x2, 0x7}, {0x6, 0x1}, {0x0, 0x8}, {0x0, 0x9}, {0x2, 0x7}, {0x5, 0x6}, {0x2, 0x9}, {0x4, 0x1}, {0x7, 0x8}, {0x1, 0x7}, {0x2, 0x7}, {0x1, 0x2}, {0x4, 0x1}, {0x6, 0x7}, {0x0, 0x2}, {0x6, 0xa}, {0x0, 0x6}, {0x0, 0x7}, {0x7, 0x1}, {0x0, 0x9}, {0x1, 0x1}, {0x3, 0x9}, {0x1, 0x6}, {0x0, 0x5}, {0x4, 0x2}, {0x6, 0x6}, {0x1, 0x1}, {0x0, 0x6}, {0x7, 0xa}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x5}, {0x0, 0x5}, {0x2, 0x7}, {0x7, 0x6}, {0x4, 0x4}, {0x0, 0xa}, {0x7, 0x2}, {0x7, 0x1}, {0x7}, {0x7, 0x8}, {0x6, 0x1}, {}, {0x1, 0x9}, {0x4, 0xa}, {0x7, 0x8}, {0x5, 0x3}, {0x6, 0x5}, {0x7, 0x3}, {0x4, 0xa}, {0x7, 0x1}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffc, 0x9, 0x4, 0x8, 0x400, 0x9, 0xd, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x5, 0xff01, 0xad7, 0x7f, 0x10]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x0, 0x6c, 0x48, 0x1b, 0x0, 0x2, 0x6, 0x12, 0x48, 0xc, 0x6c, 0x16, 0x5, 0x12, 0x1, 0x1, 0x2, 0xb, 0x2, 0x12, 0x16, 0xb]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x101, 0xf039, 0xe3d9, 0x0, 0x2, 0x90f, 0x4e, 0x360a]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x2, 0xd, 0x993a, 0x0, 0x4, 0x8001, 0x6]}}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x88}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x1d0, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x77}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa9}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xed4}]}, {0x188, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8000000000000001}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x7e}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x13c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x1b, 0x1b, 0x24, 0x60, 0x0, 0x1b, 0x2, 0x1b, 0x16, 0x48, 0x9, 0x6c, 0x9, 0x30, 0x9, 0xc, 0x2, 0x36, 0x48, 0x1b, 0x6, 0x6, 0x16, 0x2, 0x16, 0x6, 0x9, 0x2, 0x60, 0x2]}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x12, 0x9, 0x4, 0x12, 0x4, 0x6, 0x6c]}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_60GHZ={0x58, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x4, 0x24, 0xb, 0xb, 0x4, 0x1, 0x4, 0x30, 0x5, 0x1b, 0x1, 0x60, 0x2, 0xac, 0x1, 0xd2, 0x5, 0x18, 0x1b, 0x48, 0x18, 0x5, 0x2, 0x5, 0x4, 0x5, 0x2, 0xb, 0x1, 0x48, 0x12]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x6, 0x8, 0x4, 0xeb, 0x6, 0xea3]}}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x0, 0x9}, {0x0, 0x9}, {0x7}, {0x5, 0x3}, {0x0, 0x7}, {0x4, 0xa}]}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x15, 0x2, [{0x2}, {0x4, 0x4}, {0x5, 0x2}, {0x1}, {0x0, 0x9}, {0x4, 0x6}, {0x4, 0x1}, {0x6, 0xa}, {0x4, 0x7}, {0x2, 0x8}, {0x4, 0x2}, {0x5, 0x4}, {0x3}, {0x2, 0x3}, {0x3, 0x8}, {0x3}, {0x4, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x60, 0x30, 0x30, 0xc, 0x12, 0xb, 0x1b, 0x1, 0x3, 0x2, 0x12, 0x24, 0x30, 0x6, 0x12, 0x30, 0x12, 0x1, 0x9, 0x36, 0x1c, 0x53, 0x4, 0x48, 0x1, 0x6c, 0x16, 0x5, 0x3, 0x4]}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}]}]}]}]}, @NL80211_ATTR_TID_CONFIG={0xb4, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xee}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xa}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xffffffffffffffff}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8001}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x1f}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4c}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf7}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x16}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}]}]}, @NL80211_ATTR_TID_CONFIG={0x1b4, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb3}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x16}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xbb}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}]}, {0x4}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9ae3}]}, {0xd0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xa8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x24, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x6, 0x7}, {0x4, 0x1}, {0x2, 0x5}, {0x7, 0x2}, {0x6, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x5, 0x4}, {0x3, 0x2}, {0x3, 0x1}, {0x2, 0x9}, {0x0, 0xa}, {0x6, 0x8}, {0x0, 0xa}, {0x2}, {0x0, 0x5}, {0x7, 0x9}, {0x1, 0x6}, {0x5, 0x5}, {0x3}, {0x4}, {0x1}, {0x4, 0x1}, {0x5, 0x9}, {0x7, 0x3}, {0x4, 0x3}, {0x6, 0x7}, {0x0, 0x3}, {0x3, 0x2}, {0x7, 0x6}, {0x2, 0x8}, {0x2, 0x2}, {0x6, 0x3}, {0x5}, {0x4}, {0x1, 0x7}, {0x5}, {0x7, 0x2}, {0x1, 0x4}, {0x7, 0x4}, {0x1}, {0x1, 0x5}, {0x1, 0x7}, {0x6, 0x9}, {0x5, 0x8}, {0x5, 0x2}, {0x6, 0x7}, {0x2, 0x3}, {0x7, 0x6}, {0x4, 0x5}, {0x4, 0x2}, {0x6, 0x3}, {0x1, 0x3}, {0x5, 0x4}, {0x3, 0x4}, {0x2, 0x2}, {0x2, 0x7}, {0x6, 0x3}, {}, {0x3}, {0x1, 0x4}, {0x3, 0x2}, {0x0, 0x2}, {0x5, 0x5}, {0x1}, {0x7, 0x4}, {0x5}, {0x4, 0x3}, {0x5, 0x5}, {0x7, 0x2}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4df1, 0xffff, 0x10, 0x8, 0x4, 0x1a6a, 0x4]}}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4a}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf8}]}]}]}, 0x798}}, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000001c00), r2)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r10, &(0x7f0000001e00)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001c40)={0x180, r12, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0xca}}, {@pci={{0x8}, {0x11}}, {0x8}, {0x6, 0x11, 0x94}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x6fc}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7ff}, {0x6, 0x11, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xffff8001}, {0x6, 0x11, 0x42a9}}]}, 0x180}, 0x1, 0x0, 0x0, 0x48000}, 0x4048002)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000001e80)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_GET_POWER_SAVE(r0, &(0x7f0000001f40)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001f00)={&(0x7f0000001ec0)={0x28, r11, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x8, 0x7d}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x24040010}, 0x24000840)
r14 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r14, &(0x7f0000002080)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002040)={&(0x7f0000001fc0)={0x44, 0x1402, 0x1, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r10}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4800}, 0xc0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000002180)={<r15=>0x0}, &(0x7f00000021c0)=0xc)
perf_event_open(&(0x7f0000002100)={0x5, 0x80, 0x1, 0x2, 0xbf, 0x9, 0x0, 0x7a, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, @perf_bp={&(0x7f00000020c0), 0x4}, 0x10020, 0xc9, 0x3, 0x7, 0x8d62, 0xe, 0x8, 0x0, 0x0, 0x0, 0x81}, r15, 0x5, 0xffffffffffffffff, 0x0)

673.541326ms ago: executing program 0 (id=6645):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667", 0xb0}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c50aecffff2870ad50df27b9611f6ef59355068d44a604882e56", 0xce}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)="e222d4faa00621dc09a924d3983e069ff151360fb52cfec7593042664930fa624a0a107cde2192afa58520a80a264c45c7f6c4e6afd54543ea4f", 0x3a}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

546.802097ms ago: executing program 6 (id=6646):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

523.906979ms ago: executing program 6 (id=6647):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x202, 0x2581)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
perf_event_open(0x0, 0x0, 0xfffaffffffffffff, 0xffffffffffffffff, 0x8)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x91c, 0x4156, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffff8, 0x1}, 0x12640, 0x0, 0xfffffffe, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r2, @ANYRESHEX=r1, @ANYRESOCT=r0], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r6, 0x1, 0x0, 0x100000, {{}, {}, {0x0, 0x19, {0x1, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x1004)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r8 = fsopen(&(0x7f0000001500)='binfmt_misc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
fsmount(r8, 0x0, 0x6)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r8, 0x7, 0x0, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f0000000040)={{0x0, 0x1, 0x4008, 0x1, 0x3}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000009385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

475.934822ms ago: executing program 5 (id=6648):
r0 = socket(0x40000000015, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000040)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], 0x0, 0xaa, &(0x7f0000000100)=[{}], 0x8, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0xfffffffffffffe64, 0x1a, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r7 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xc, 0x3}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4044011}, 0x2000400c)
sendmmsg$unix(r7, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000002c0)}, {0x0}, {&(0x7f0000000a00)="f16fc610d57ed59941578956fb6db62c8788eaaf6d46cb2c97a5514a8f03b78b946326b1b4322531b0357b63e4c35b5048e9200ac661a815e4a61c8364344b99f6689ecef616dc01bc2b86813d96d5e1263e0dcb6b8d641e0bcb5b3b902e0961d079af1792412c0b4098f17bce38e011b3267b974addd12e3477193a4ae95141429897c16e11f822b3ed9726da796938cd9fac124a836f7701731420d4dc0fcfaf7a9561bda0e7a50cae2bbd1b0e8bd1c9841824ffb9eac074ba0d2df7af8adb61da6a944cf439d36a4a3a8434751d89783800716976562b37685c15f3133ff0479ed6ab68db375055613bbeb79a16417f7c3ce21026cc41217c1823c2e4538109cf6f71a63d21ef0f467bd6d5d08436076a73e45e5a2403a5169fd5b1cb841083088e7c09167ad242c5609ae50f93684e7233537ce37a57d72df082f305397ee8445b4c83ecf01e46aea32a0610b7a4c6f0b7304a90c257554cfafe525c14bcbd5838c97afb8f13652070b56f388d2001ea003ebc39da4996d90fc4783fbfcf286473ce6ec0d746938b46d78b4e3353a451a7c64b3f5dd82187f003b3fd04f7c103c079065ff2616d9ac8b46370e382036686b813e18762c8ab6bed1d7f24be523766f5b911c90df17f6b38b4e400c1a96b8ecc2ce1d86beebdf4999e9be4aa28ff3024644b1eea01cf62c4d46481ebcac20c1106d328f73491cefabae77fd3f9acf7683e08be70b446999dea63831114f629fc76e5b54c613fc75395e9e53c581370c0214ad426ad2a6c5abf66d3f8e80bb9d7a51e27f8131ed0ac4979dbd3f527170d40bb4a379a975ce6de49996e5dfe1b22c902bc0c218ccba742618ca9138d018cae1f2a03afdfa2f56b09899c44a708a510462826b8b76affb926c42184279bb571e16b8a7f113df487d49007b8496f3a3016d5bcedb00eab0cd6e829bc421f9edc28411903a8092e9988de2b36cfcf2b066a7efe2dc8d659e36dd2b3fbb27d19f93fecc8fbb9263a25fe90d8e5cdcfb0d38b3ffe840bbab6210525435a402dfcdd25038b5985e4cf1307d3b249d5117aa8d3c2205d15ef37a1e33331655f24c9b2ee7835a65f4fea0845b9495712d1f72129c9322bc274904c753fe5ec7e8b75f1b0b81f969cc3fcc9b3735e755984da3777760b8f0a3f5f6dff561a96bfb722b2dd6e7c594edc884760bb5b50310927330dfc6cb3b3bb1eca32caa33dcc70c25feaf2cb529c62a078c6989413877260e7d323cf1a4eb453c0f0190da4d32411bc8b196beb18524f0f4c8e1294b77b1898ec3943b76f9430fac152794b1395f22620351b6a90db15bbc37aae1a73736a2e9e7f9665fda65b8bad459c836f994a27967ee41e9d7e4592708dd39efcf03a53d38983a20a7d9f7ae5cdb93c589c3d70abd1d389cbe346045559c9940107783c3afe2513498897cd18ff95b5094e17da9a352fbb26ca53a785663697ec1737ab395040e1114d6c692d040b80bd078a08ea36bab296fb28744d36e8507a4bb857c91ba6dd8b366297ad5d9c5ea57ee925566277dbf2ce13c4efeb20dda3d0bdf5dbd4a30e2748966fc633b50848994830f17eb1b34d50a5824e44de9a66c9e7a71536530b1af0f8895e03f1a7844893abbcfad1f987a874b993e802185daac930e3832d89bcc49bc9eb20843aabc4bbd3e223d3db1456737a942fb07767365ef4e32d56a835381d77486d8e3b1c00218959a22f7608f3126514498a438c15aa9050bc379b899d376c579211fb39b2621bbf5e0895dfff05730bec8602ab93cc544667be839776ef1cec7f150cb39fe4a07d5401cd1c772220ac43366584355582589863f89180adc1793862e81506117797014bfa084c736bfa05e9d94f6eda1548e8bac56d4d1d2e9a9090297d7728dd5a54752bc15b49696b5fa6716f2026bce876c08dca2970f7f720507f016c82ab6d117a025d1251db28108bc7d93fbb71f924a97427de9c1ac133305d25dcba975f34cdefcf16baabfdbd784b2c5f7f0b21c889db38e6167410ae7fc1cf805ca79e60dc7c65440cfb844770b544d3f8c9cf4fd786963321a545376d7ce8299649e6af7ff30ad6b1e30fdc8116ad7ce8f5ac28bd7d2b5cb3027e21ee5d689dd135aabba84feed8ad84fb6926c876524b4e540216782910f9c7c684389a989dbaed8961d24f5eac31b3979a99887f1ece832014baff747802cf6548c7a5ffcf5dec013db70176d7131e4e4cd75ed94f59e5011aa35678a7c65838b34142758ddf85e71c7285a8b351728764249230f5b363db8067beb4582862690115b0c087fac1f21831e7571ed1f55e2eb73d973917bcfcaef28c4fca7b7ee0349049ce6447a6a7b4d7406f5053ea51aa83aba8dd3383b30612582531ae6808991b1dc91585d56e98a37baa4cab055f308c22928d75387b426f04c4fcb4d22f3a4fb84f8c03e947810224d63bb56fea23d2d445cfd0ab7f3abb9ae4026010e70083055e4127a4ef7e2144269f1547eb813a4b0732cdb5b8d745651489a199a47fa4d28d32252d7228de2ace9d8b8ef776fca0d0f7929d1ae00908887b237a2026d6b689a1a727254f8ac2f286dd1719ef8c53bba95fada938d9409fad446ab1604811113c6b184309af83557d1bd245bfb6edd542e125eda69f09fc98d03df19d71d832149630b7dd4e8436d679d5a69f679ae5160a53595510c36805df4a2dc016cd43a8b1afbe47a8fad8c3357583c90de0b7a97a908f627a448d8c7eed7ae1d30122d1bb8ed82832d3b46f9b19c7af0a8b3ef0d26d4c2e256ea41a44a226b0b08e8f1439e349f544cc1616d8dde3bb0129f80afdfd0ef0f52902735677a31a81f7b0006630e04c2a8ab09eae5dcd604bb064dd4c496c78595a2b3c1426f66a420acb64d96c169553aaaa208526e01534e8a585fbf57c49ae745df042d0c664f3e4c96740794d99d414de3a5f3356a13c833371975450e2ccb51ea6895c39074df4f18cde0a695187c7184d313fd4d729be635c8ac01b5a82d9944f45e1567d594e8b8f2f6b86bff6feb62e4b67d88b25f1f60197b64571dcc3fc38a6de1e6e45666943020b901157869b7b242e97051ff01d9c8db2ca619e20a29f1b6e28c50b836d962f61ac01e822f7deff06529f7403f7d534970e40e7e62cdcd2041bdd5fcb1238b1c4867e167d8c760fa2d0deed47c7a7d136913c8294979294b8117304d08d40b0a5b1e631657a555da82227c529d5e4841a37f2a550bc5e06b6f7e97e14c5e9b3bbe10ff303a7d6427356828cd497419c54ae859918a75ef3b56030ce8474a96f43767f6d85b013602cf3983839b39a12c0b30834b9173f4a4733daa79ac55b1586d27227f25534ee74dd73535426bf4196e1aeb79c51bae6d6bf78aab7f0898afce8f98451761fde3c58531e2a461d2d494c90c77e7adaa86c8eae42ae939e29bd05cf33cf49da50c0ceaac2000fc9f0ab436951f634dfe6d58fdf16302c88b5d1bc7ae5f39ebe71602ddfb2e1c54fbb1c084c0be4bbc71cf1a3c478a6188d06eb745dc51dbda5b278a4827745e11c8c0b1a96427e836cc03d62e7ab30f079568f7d3a375a57cd0718821f53bb7a07d03f072c2abef1f843d88af528e7fa91735d4269c659c05778ce650274bc05975700e9077d981deb78682306101be9d124e64af352b02e7f3cd6706259c68e72a77e346ca86ff9068b03477590e9391acbf20dde92e458c59d18a77f8a0c7811a481fe2ccc522f695ae4df207d1fb9002b582b355961bdd6e1c7ecf4604f3cec7e0746976ee241b9efa4a04b37e89287967ae320a5a6b8da0dfe0dcb3275202af379a0d2855275d33789c81b9fb38ceed359fdcb316a43661ebaadb89e798cb749d02b3e547943e3a0c8de872e3d70f4ba42dcfe4ac112062ff47dc9b56fa7af444c5d5120c2566484d0e7e9e8e188e3281d1c711dddf9a79b584281d8c8cc7d2b21f11b5ad9fa723b30dd8ea2c151a9697d41f04e229df1ff9578fef91fbd2f28829e2950f236925c93acc5cd86f5b65cde7eff850a0f2d8e4946104ed8c2ba07b622cc87ea42c3384e4a7433e7063f18596465d122c556afad2b0d9e66cebd3402e5b32f4e435f7b9402259450f62bcc8591f22f732871ddb1676bf415615654daddc54d00c0b18b42f7ba78d5f9ac30f586b31c1ef5a1e6e23cd984eb82a4484a8217dabce5032141d8b565f7d035b0c5ebc7c5da86644815fc1c70c672ce84b507b46882252a3cde32576f8f0316b432cab08fca98211ff81bfcb2745b9d3e07d3a37cc49cba72bea3bf78490dd06c491b91206a9da624537aa9e9f8aa798f6c876e6851bcdf7c2a3858b20551824fe89bd60ff9986cd2690f906f68100dc671c94cd40aeabae2a25af0a411adc41b9ddf63470d98e80b0016230aaea382c17674c07d0876cf6af131f2403e52194a85f05927dfb74adbba6d9e2fadefd77f20858f24c31b082f39a353f599f7411a776cab0cefa6bb2ee19676e199e74d2cb68d0e8b4d5fa1d901b77887dde7853c9fcd30767c80fd87fba451810648a12a64622f23152581a52d58ccc3bd064e96552915fb3281821cc9c163c1de0974b7aff1b819f444e04827357a3b2ac69e26b0ea6016255807f129d293a7ac7b811dfac93892d18487c5c04453e444fcf2182128784a359eaab88089d5349874014a0c1ca1e3963dd430ed6f1a5c75e67ed28c38b8d9abb7db9a29e2d6d23ebc9a537a26ef5053dd3835b1f13dcee05dcb4fa36f140ee6101aaf5f6c105f4cc0f11178efff259d721db9f3e9fe059292cc9fdde8929d77b01228ac730aba0dbc7e3b3ba14b332152f37bb949105f81575855c010d4b2c2b41b9ea7379c73b3c920c3b8a1bc9d4382024fdaa664fdd74f442baab612199a7aeeeb201105504a98ef3b5f6c551ab83fb94bd270d839884560fa8fca3351e96cd42ed13af632917b3b507b0858633f91fd171eee55b3b70ad6fa49a1212c42652192b0922a909c801b7804763861d6d6e449e9e34a69a058ab77a4aee65688736a6a029ac83f67e8443d9a3802342f39c0ec9135eecc05ce24c635d3e17c69fa85e92c09dfe1cf446b33da41a03bfed6f4b9cd815265d65571cc1d2bb6bae874fd3151ada3b22a7e9bd22347ecd8aaa183d8521ee4596d1d2d3b2c090f69c2449771339cd2f6af0b2138274c50e35a572d3c6005250f0c900b66d612b044cc8e245c8a4ab879708f1dca1e0ce5de9c7c96bdf997dcad2077e4bea21ce8ca362b8e0265feb012a15910baa06b341b906ae5df1c125244a364e2742cb99335d1031b73b971a0852860c5817f1feef66df19c0dd1242f902ad296b2bc2715470afabfdeae94d0ee9b05368c87572d6f8be33f2249281a077722bdba4634ecb4e1d35ee0ee3a6551b1418310d9d3d1fc7c091997c2cf5d8645b57f9966af3435b6b25589adf4f7cdd67a86d4b8ededd5c04a43ad1fa74509a76d6b1c1d3b57c69305c71d8b6128fee157736b9656bd873e6f3abd75a492e8ae1c96bcfa9b912277555a036128537ccd6e673957ceeca6a7977484e04ef948dd2ddeae70e025fc9b35f1571e37d863cca6e3868cc662032204c3d64ec81898d63bdfc13a331bcbefb72bf52909f7286e12885cada241853c54e581ec640343a56df9eea33209", 0xfa7}], 0x3}}], 0x1, 0x20000804)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6, 0x0, 0x7}, 0x18)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200010, &(0x7f0000000c40)={[{@resgid}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@jqfmt_vfsold}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sb={'sb', 0x3d, 0x97}}, {@discard}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r12 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r13=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r11, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r13], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r5, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001780)={&(0x7f0000001700)={0x5c, r12, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xc5b5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x200}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x9}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2143333bd58199c1}, 0x40080)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522ec, 0x0, {0x0, 0x0, 0x74, r3, {0x10, 0xf}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
sendmsg$nl_route_sched_retired(r0, &(0x7f0000001680)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001640)={&(0x7f00000003c0)=@deltfilter={0x1248, 0x2d, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x3}, {0x4, 0xfffb}, {0xffe2, 0xd}}, [@f_rsvp6={{0xa}, {0x1218, 0x2, [@TCA_RSVP_ACT={0x8b4, 0x6, [@m_simple={0x74, 0x5, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x14, 0x3, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @TCA_DEF_PARMS={0x18, 0x2, {0xff, 0xf, 0x7, 0x10, 0x87be}}, @TCA_DEF_DATA={0x14, 0x3, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, {0x6, 0x6, "8d7b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_nat={0x148, 0x1, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x101, 0x8, 0x6, 0x3, 0x8}, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x80000001, 0x4, 0x8, 0x1, 0x2}, @loopback, @local, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xe, 0x4, 0x7, 0x944, 0x8000}, @multicast1, @broadcast, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x6, 0x6, 0xe1f, 0x9}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x31}, 0xffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0xb19, 0xffffffffffffffff, 0x5, 0x8001}, @broadcast, @local, 0xffffffff}}]}, {0x57, 0x6, "db479e9c5f5ed9eea4ab8203221bbf65a9aed8361137f9cb190171d3e59543a6509c4848cb5b06baf771d06128cb88343b7514b69c0c0ac34c452789e415d96c8505b47b58b23c41a4d5004cc4baccd672d049"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_xt={0xc8, 0x5, 0x0, 0x0, {{0x7}, {0x54, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_TARG={0x2a, 0x6, {0x1ff, 'nat\x00', 0xc0, 0x7f}}]}, {0x50, 0x6, "14ea4185c5f48e9b5b7affbcc6067b8c2421cad2dfe062451c7082720dcb418fd69cdb158c81ca1c45c806b71be636fe8e64663c1a811755b7b23d973ae4e5b817a5547f91bc25241a446665"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_connmark={0x198, 0x0, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xd, 0x101, 0x1, 0xffff, 0x3}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xb, 0x7, 0x3, 0x2, 0x6}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9e9, 0x3, 0x10000004, 0x9, 0x10001}, 0x65c0}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffffa, 0xb, 0x2, 0x1, 0xfffffffe}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xcab, 0x7, 0x1, 0x1, 0x5}, 0x4}}]}, {0xda, 0x6, "5c8cc344233bd33283e45f5ec4ff259ab225767d0337ddd1c23867c9a98b99dd882e8ef4674c43ad313d34e7efabe14a4f3d31d3bf75fc8f72e7355e9358f3cbe80d74789b1a0e00b92fa963b8ee4ff0bb4113410cd295cf146a4e3b8d914f7fcc1a77a68b5a5de6ecff349f2d3222a0e689ff19e5c26da4c2947d8262f67766b8f5abd602843debdb38b7278c3a0dacf81169bc0416b2ab5308229c053c11c30192953d3f4904359e48bf121394d949f58f9966ddd029d1371d46e6649a556a4c294befb1cfa3e340f863595cb86345784a05c311dd"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_tunnel_key={0x138, 0x0, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x8, 0xffff, 0xffffffffffffffff, 0x6, 0x200}, 0x2}}]}, {0xeb, 0x6, "13dc44f59470f4706477041d154a35c752cdc24bfd144e4b996a8873b629af9dbbd19f285bae9aa87366f6492a7a0ea6022d537cf727c4e93b2394fc0a60b1ac94e631f6ac3f60db47eb76bd78b15a1e467275b78368a954fc79d1768e50a5848deff7ad7e6afb33d805118f1e4962b10598577e5df1dd942ce6e0c6c4c9d21b64edc5561b98875ad6b70f88e2d0a93d11095d0bb7d7daba54cc9943ea8282b4aeb7c451e187f127d8784bc538bd5ad83e9efd55505dbbc04895ed388cdf49a1435837194b2c84bdd4de093e1f1f42cbc3da95af3d0c43b722cc76bd8246309e0f1aa5555449c0"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_gact={0x11c, 0xb, 0x0, 0x0, {{0x9}, {0x7c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x8, 0x6, 0xffffffffffffffff, 0x1, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x80000000, 0x8, 0x4, 0x6, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x6, 0x10000008, 0x4, 0x1eba}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1c72, 0x10000006}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x2f1, 0x20000000}}, @TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x619f, 0xffffffffffffffff, 0x10000, 0x9}}]}, {0x77, 0x6, "cb07d15008ba5a6610661450b8893ec8f00da2d6ed74599431b95b1d9e1b51b3f88cc15274fc8d0d3514ee40135d221d9c9aea3965940623eca478643c7cf942facff3bba3ac6fee577a101491e6b2c1eec43d2c44eb24f6675be09598585fd83c20ed93a74284fd9695def10a27d4176cf6a9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_csum={0x124, 0x4, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x80, 0xa7, 0x8, 0x0, 0xb}, 0x4a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffe, 0x80000001, 0x5, 0x9, 0x5}, 0x19}}]}, {0xc0, 0x6, "99528cdf9ace41f84e60d96b4b6587d86351e1054f999de314a04fbcb324d0a028ce65ab38fb3c4cf4167c5310e455fb682d090ce1ee07716aa581ebfbf10a951f5d2bd368c88ae18883fde0a4d14b52ae8b461bf84bc51dc329743a541a386df010f3092aaea00ffd4d1ec5fc62321d74468f18a8b43c3ae9d4b878a2a3fffa8343e44ec8b4b96154af8d6e05b57b104e4f883a5e9aa2e650cfbe21230633f0dc05d1b4819011c293bd747b24f358c820e6e6ee79ec5ca57fe55f38"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x6}}}}, @m_ct={0x11c, 0xf, 0x0, 0x0, {{0x7}, {0x84, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2}, @TCA_CT_LABELS_MASK={0x14, 0x8, "b5a0be60e1c98544d39524a77e69c0b0"}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x4}, @TCA_CT_ACTION={0x6, 0x3, 0x8}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e23}, @TCA_CT_LABELS_MASK={0x14, 0x8, "7ae8065cec8875aa6b5a1a91c3f1c787"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @empty}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x10001}]}, {0x73, 0x6, "7fd0f284dca3f974b2d1aa0b9fa0b475e356ab2702120622cdc9001bf3faee948974bf0cfba126537970356ae930840d0c0bdc56d4ccf23ed84438751889c72bc0ca0aa857681aa75eeecbad6eccff850ab99c4d3d9a9fbe146e219bbb332709484e75cbc67b99deae276b10d05390"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}, @TCA_RSVP_SRC={0x14, 0x3, @loopback}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x0, 0x3bc97d55, 0x8fc}, {0x2, 0x6, 0x74de}, 0x2, 0xc, 0x5}}, @TCA_RSVP_CLASSID={0x8, 0x1, {0xa, 0x1b}}, @TCA_RSVP_ACT={0x51c, 0x6, [@m_bpf={0xf0, 0x16, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x2c, 0x4, [{0x0, 0x10, 0x5, 0x3ff}, {0xf, 0xff, 0x6, 0xfffffff7}, {0x57, 0xe5, 0x9, 0x8}, {0x7, 0x8, 0x79, 0x5}, {0x8001, 0x9, 0x4, 0xffffffff}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x4, 0xfffff800, 0x10000000, 0x9, 0x3bda}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x3}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}]}, {0x72, 0x6, "fd36cc00ba10e44063c5f8d7cef451902e28b0d7a35672073c1db5ace01bc1478f7529117f9e9704040c8849261e7dada03002250fb04a6d2069d76290c0b0babb097d87113dc5bf321584a175da11cd7acd234ced5df94a359dee48d6b1718788fa2a60c8711846fe98e0674145"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0xae907f63f3d74cf3, 0x2}}}}, @m_ct={0x6c, 0x17, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_CT_ACTION={0x6, 0x3, 0x20}, @TCA_CT_ZONE={0x6, 0x4, 0x8}]}, {0x31, 0x6, "6f9adfd89421ddf5fea6ba6c1949f647b8397e528422bc409aa19a09caa603dc87c78895358feda67f8265df43"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0xc56bfa3fd0eae54d, 0x1}}}}, @m_ct={0xcc, 0x2, 0x0, 0x0, {{0x7}, {0x78, 0x2, 0x0, 0x1, [@TCA_CT_MARK_MASK={0x8}, @TCA_CT_ACTION={0x6}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x8}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @loopback}, @TCA_CT_LABELS_MASK={0x14, 0x8, "8804bcaf01fd42f2c376a069d5d5d4bd"}, @TCA_CT_PARMS={0x18, 0x1, {0x8, 0xd02, 0x8, 0x9b4, 0x5}}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x2}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @rand_addr=' \x01\x00'}]}, {0x30, 0x6, "d9bf9665387d3b9ef40ec4b8e86921178f91e6b4c3009256eedf1e94d0685b853ee74db05ce0aa380900da8c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x60, 0xe, 0x0, 0x0, {{0x8}, {0x10, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa}]}, {0x2a, 0x6, "dec0569aa6e50cbbc92d4009b6d546764ec53521323b34b943a436f6725180636c38cb1b6374"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x6}}}}, @m_mirred={0x154, 0x6, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xff, 0x1, 0x10000000, 0x1, 0x9}, 0x2, r1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x2, 0x7, 0x4, 0x8}, 0x4b49f4e3941e0d8d}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5, 0x9d230b4c3424eec9, 0x4, 0x9}, 0x1, r3}}]}, {0xc5, 0x6, "14605f9db9509bc1fd2d1452ac1e4ab8cb5a3a8af1bd55eef40b79ae063f4459bb03ee3a02bf9dd55b0afaef34e7548ce053ad5bbfa91711cc12569165bbd4469d86d73c16963b0a4336a01e2b4cea4c1ffb3b366d94042601f63cb5ead302a6fa9daf9165e545c4d41a1f2318ce6b128a1ca7be5ac56d6a3a9c221aa5c955faccbd5a8fd37d1c6d33cfcbd7c28cbef9914d7d20391670c46d15048b468f0a3dc309d8e74d161b9d762ab4d67ca395ae44eef2e0153ae5843af51e39bd7c30daad"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_tunnel_key={0x13c, 0xf, 0x0, 0x0, {{0xf}, {0x14, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x1}]}, {0xfa, 0x6, "cb24e0706955ab4fbf0114da6d1071052c291dfa2ff3bff0d62f7545a1d251f3de25548910cf3177d3cdb8168d414eccb617cfda21fb3a8393083dff8b9e08f0be7afc5fe9584350ebd6263d6e29530f59d77855fec2097b1745e3f331bda462624aa9de4f25e0e5f809f737b11d9212a8dac9345ec7bf47d413fc15afa0e829cb7e0aaebd702209da6d0d594a5805643c0ecf289931847f889a93e99c546b9f4f02ea66586d2b3c50081e0c45b54b5197da527bd0364fa1a5a4ae4fefbf43b8477079f6c92155c23285fabd0ea51f4497e99adcfd3dc993987b6a50b773d3f99100c4d9463c59e7ec74e4ae57682811b94d4d6d55c5"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_RSVP_POLICE={0x408, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x3, 0x6, 0xffffff0c, 0x15800000, 0x8fe, 0x35db046b, 0x5, 0x5, 0x4fe8, 0x3, 0x6, 0x3, 0x1, 0x8, 0x4, 0x3, 0x101, 0x4, 0x0, 0x7, 0xfff, 0x3, 0x800, 0x1000, 0x1, 0x2, 0x6, 0xb5d2, 0x6, 0x2, 0xfffffffb, 0x556, 0xfffffff7, 0x3, 0x1, 0x7fffffff, 0x3e70201d, 0x67, 0x5, 0x6, 0x38bf, 0x0, 0x7f, 0x8001, 0x0, 0x91, 0xfffffff7, 0x13, 0x6, 0x1, 0x2360, 0xc, 0x3af, 0x9, 0x5, 0xa3d, 0x401, 0x100, 0x6, 0x0, 0x8, 0x60a4653a, 0x3, 0x10, 0x7fffffff, 0x2, 0x5, 0x6, 0x6, 0x5684, 0x2, 0x8, 0x2a4b0ad, 0x5, 0x0, 0x8, 0x2, 0x6b, 0xfffffff8, 0x9, 0x9258, 0x1000, 0xfffeffff, 0x3d, 0x401, 0x8001, 0x800, 0x2, 0x1ff, 0x0, 0x1, 0x6, 0x3, 0x9, 0x2, 0x9, 0x7, 0x0, 0xade, 0x5, 0x0, 0x7, 0x5, 0x703b4d26, 0x3eba9156, 0x81, 0x3, 0x0, 0x9, 0xffffffff, 0x2, 0x0, 0x4, 0x8001, 0x2, 0x3be6, 0x9, 0xec8, 0x0, 0x1, 0xfffffffb, 0x9, 0xcf84, 0x6, 0x2, 0x0, 0x200000, 0x5, 0x7, 0x8, 0x0, 0x3e0a, 0x7, 0x1, 0x3, 0x5, 0x529d54a7, 0x6, 0x5, 0x2, 0x7fff, 0x7, 0x37b32d6f, 0x0, 0xd, 0x8, 0x69, 0x7, 0x8b, 0x9, 0x9, 0x7fff, 0x1, 0x6, 0x6, 0x5, 0xd4f0, 0xa, 0x800, 0x7, 0x9, 0xc, 0x2, 0x2, 0x81, 0xd461, 0x9, 0x8, 0x2, 0x40, 0x5, 0x4, 0x7, 0x5716, 0xd, 0x3, 0x9, 0x3, 0x2, 0x7, 0xb946, 0xf6d, 0x7ff, 0xfffffffd, 0x101, 0xf9, 0x7f, 0xfffffffd, 0x2, 0xaa37, 0x81, 0x7fffffff, 0x1, 0x32ab, 0x7, 0x5, 0x9, 0x3, 0x3, 0x8, 0x80000001, 0xe, 0x4, 0x3, 0x8d, 0x800, 0x9, 0xde, 0x3, 0x8, 0x2, 0x4, 0xf, 0x4, 0x3, 0x6, 0x68, 0x3, 0x100, 0x2, 0x2954e341, 0x6, 0x4, 0x9, 0x80000001, 0x3, 0x1, 0x9, 0x4, 0x8, 0x400, 0x9, 0x8, 0x2, 0x1000, 0x8, 0x3, 0x2, 0x7, 0xfff, 0x4, 0xc, 0x1, 0x3, 0x1, 0x8, 0x800, 0x7f, 0x9, 0xfdae, 0x1, 0x3, 0x4, 0x3]}]}]}}]}, 0x1248}, 0x1, 0x0, 0x0, 0x80}, 0x80)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x101}, 0x1c)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)

350.792892ms ago: executing program 5 (id=6649):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r1, 0x2000000)

336.259643ms ago: executing program 2 (id=6650):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(0x0)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r2 = memfd_create(&(0x7f0000000080), 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="fce6a65c476d7c8c264d89763af875dc03d87049f2f527d86797599a9ba87344b843b7791d0e6a1f8687b680d93827e5f2363f513e9fb292482f32473015438634d249bf031f29e00ebb4ca0d5038b4f6ccd7d6239c8ac178540b41256c689e03fa84b3cad6361d6b842ed075c9afbe92c76a02ffe8db8dae05ec54b6be751fcb74cc0c456a3ac60753f66ac4742cdfc13601a228ead50f47d0a41fc506015da89e19a1c7461b2ea38721efd0974373e09ab579abc2f4eec06b5f5cbf01d89dbd1dba637828de99ca5ea524c42677be35aefb80b6a3702", 0xd7}, {&(0x7f0000000140)="5cb3ff2c81739989ec1472bff9e777cf789d74f2cd798dd4a7093b03b023490e4331df1852dc52e0e4b44feab755d8c4dd9ded5bfaabfec9b0a13995871c9e5a78c4be16ed438dc63e1c883d69f4100c0a65e847f6b21f44d01cdcf831cf13fa512895bea9e9f57e18114533aef5663f68898ad3f097e0dcbd51d147a410e0cacc70609e91b49f36f21f9a6d2a1849af582de6182929910b699711381cd2a6d0", 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="7f88aa81657e5d0939e7f823c15f1eb44edbf5275e956dd65492f804b661c892583fe6a8e0096fa49a4eb5cd508a05a4279121e8723924d68f4009aa943fd9b0f9e516b7506a6a60282b0f2141731bac5c4ffed122679d380d042fd0532a0b9cc09b427d4c8ef4bca4ae606ef04e37e5be682932f375f8d3d8c0cabecbdabf98c6c29ec72968da81d885bf0870edc504ef2c50fe125894e4cec0cafb9eab00e5be6b357c4d9e038e5942c91dc14f1667a512", 0xb2}, {&(0x7f00000003c0)="d2380f2b333142348134cec70218355b31321668ed6593f3234cd64513bb546699610b729879ff1fabed7d863904bf4dd4cb5e69400668d67b958c1080e514c24592b0a24af3d55a5de16d488486a67b57a25a5d511b9bed65f3b5f1d1c64a33f7c78d3c80180e674793f0fe0ddf14503fa42923f568fb8f06cd950fbb79af54f88faf58ada57b5631caaeef633f844a49f267c3969da4a67d6c4f5029e4a4702b4bc9267496f7733e2b676d20a6a17e82dcdd9fba4b719e503d6bb6e3", 0xbd}, {&(0x7f0000000480)="410bfefea1ffc083cbd8197fdbdc8be4deae6bf2d6ca3ef609e36af0617ecd15166f9077a475dc924bbfa0aa27afdde8affe7e361b0331778105ef9ecad56d7f9e52a3eb0d42f59e35e8a053b9850c6ea54a0787c9a82310ae0f0976d13e1be57e7b415a9acd7ee5d0762cbafa63a50cbc7125e80f86d4f9caa9b72d28729a47697225d72eff1d5519085bcb2c08227db6569fbb08323acc0c7c263d65607ed74b6b9dab86e7da44d65a71ce0216f9f8285e07f6c5", 0xb5}, {&(0x7f0000000580)="413e088593bda580c2d517877477a11df0c2aa265d1ca42530ecd7fbaa4922ce3584b01e98575691f3794262470437eb59306f97be02d367e296ab9d8b0bf93de5a54cb36e4f4a896fffaba0c44fc509b43dacfc805e7ecfb9dc500718ce387f7798bb86c5b650adf81bf0a9f8", 0x6d}, {&(0x7f0000000600)="e70c8366ec565c821dc68be04822fb735af7524b7c3344d61aa7097deb7981677922c8528773fdcf46d6cb14986884c00053c619a23d6babd565590af975fea0a040e6b20b2480fab0682263a5bf384af8cc68a04bc16c6c81ad6e18a1c6f4b5c681d2ec4a67bc00da4429559abcb00a62d48b1119dafe91ada08589577d935934d0a06fc52a", 0x86}, {&(0x7f00000006c0)="aea9b2102cfb84c088affbfc2b8123d1b6846d43192b6c1de488fb5bed1a87ed0a5a9e2df0cf44774d13c6c14a8197db21bd9e45dd41ea5b7104c92dff9fe982f28722769843db157c26d7934e09a1fcf252244cdf0388ed3e52f12fc58114375f62ea250e98b77178d449a027dceb1f0a0534ab89fa83489d0c517d", 0x7c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="4b7754216387c6ced88aa699eed4a9b5d0166406715898520b00ff1cef9a82e509d05730d26bf892917e7de13a37374ae2ad7ff45077f83bf635882b4b808c08e8e224fc1fd75ce9e482a586e94e32f8d1245e8beee4d9ab95e9f7550cd467f425106b3fbd4d4b7a105a15cc09501567717f3a2b4cbc6e588fffab74bd679ae82f6439057f1ce02644bff541a3aad71c4c57966daa97", 0x96}, {&(0x7f0000000340)="51458a7f9ce38c90c0cf820bd8ecbb3627fa97ad2a6fbb1c", 0x18}, {&(0x7f0000000880)}, {&(0x7f00000008c0)="c62b897a1b9e3166454d0cd7f606af7dce572f07f9bca4a9d3cbe8f558c7849b8263ad52d31f84d1abf18930997134c0c9544aacbe0c07a156896f1b9b3b4635ceda0c6e7f6879f10f4d37bd8a3e50191a2df68c0bfdbef246e281473c2985da2d68", 0x62}], 0x4, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x3, 0x11)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x408cd, 0x800000000000000)
syz_emit_ethernet(0x26, &(0x7f0000000a80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb8100260089020101884c060000022daa41df7773aaaaaaaaaaaae56185a0d3ee0d2a5ca2d564add0f6403a7f12d61195fbaa80d91672935e2e04da4665cfeb4ac4b9a6aac60e7cdb85a28f3a1237026f85bec737eeb5845285769503dec53622f228d5dcd6800977cd109f0f6d9f97ce7c8f337c512b973a7091c0fc394d197b7603e2529344b4bbebf9050ca75f44636529f363c136926a2950f120334d45ed14c8310ba3d78ee25f7ce8dd282e95954c8dbfb8b2a00bc3e9a449bd4eda7d7a3e1ddf5e782978aab2d2da4cee7b82bdbd14c4524288ffaf3ccc236bc1ce7e856155ce864b8443c909a0cdfb6c42c3bfead9139d7694995d7bf7e7c2f8e684d274fc2e4fcb938f7115d3e6daf397f52aff91111b933b56ddf6afac7ffc5b23c5d74a505a1731516bef6494da1f475b4fea90b1774ecc"], 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

316.800405ms ago: executing program 4 (id=6651):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
unshare(0x400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x1, 0x99, &(0x7f0000000240)=""/153}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@grpquota}, {@data_err_ignore}, {@grpjquota, 0x22}, {@nodiscard}, {@errors_remount}, {@nodelalloc}, {@sysvgroups}, {@norecovery}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3M1PXFUbAPBnZhha2vLCW2u12CpajcQPKPTDLtzUaOJCExNd1LhCoA12WkzBxDZE0QUuTRP3xqWJf4Eb68aoKxO3ujcmxLCxuhpzZ+6FKcwAAwNTnd8vue05cy4557n3nplnzp2ZADrWYPJPLuJQRPwSEX3V6t07DFb/u7M8P/HX8vxELsrl1//IVfb7c3l+Its1+7uD1Uq5vEG/i29FjJdKU9fT+sjc1XdHZm/cfHb66vjlqctT18bOnz9z+kT3ubGzLYmzNxnrwAczx4+9/OatVycu3nr7h6+S8R5K22vjaJXB6tGt64lWd9ZmvTXlXFcbB0JTChGRnK5iZf73RSF6Vtr64qWP2zo4YFeVy/nyvsbNC2XgPyxJ1IFOlL3QJ+9/s22PUo97wtKFWFnHuJNu1ZauyKf7FNP3SLthMCIuLvz9ebLFLq1DAADUun0hIp6pl//l4+j+1f3+l94b6o+I/0fE4Yi4LyKORMT9EXE0Ih6IiAeb7H/tHZL1+U+5b3uRbU2S/z2f3tu6O//Lsr/oL6S13kr8xdyl6dLUqfSYDEVxX1If3aCPb1/8+dNGbbX5X7Il/We5YDqO37vWLNBNjs+N7yTmWksfRQx01Ys/t5LzJvnxsYgY2GYf0099ebxR2+bxb6AFSXn5i4gnq+d/IdbEn8k1vD85+ty5sbMj+6M0dWokuyrW+/Gnxdca9b+j+Ftg6XY5DtS9/lfi78/tj5i9cfNK5X7tbPN9LP76ScP3NNu9/rtzb1TK3elj74/PzV0fjejOvbL+8bHVv83q2f7J9T90sv78PxyrR+KhiEgu4hMR8XBEPJKO/dGIeCwiTm4Q//cvPP5O8/FvsCrfQkn8k5ud/6g9/80XCle++7r5+DPJ+T9TKQ2lj2zl+W+rA9zJsQMAAIB/i3zlM/C5/PBKOZ8fHq5+hv9IHMiXZmbnnr408961yepn5fujmM9Wuvpq1kNH07XhrD62pn46XTf+rNBTqQ9PzJQm2x08dLiDDeZ/4rdCu0cH7Drf14LOZf5D5zL/oXOZ/9C5zH/oXPXm/4dtGAew9zZ5/e/Zq3EAe0/+D53L/IfOZf5DR2r43fj8jr7yr9CmwjfdO/uthq0XIn+PhLzrhWJE7EVfxajb1LXlH7PYZmFf3aZ2PzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//37l4X0=")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")
clock_adjtime(0xffffffd3, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
unshare(0x6040400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r0, 0x0, 0xa8}, 0x18)
io_uring_setup(0x31fa, &(0x7f00000001c0)={0x0, 0x6a93, 0x40, 0x2, 0xd1})
socket$nl_rdma(0x10, 0x3, 0x14)
socket(0xa, 0x3, 0x3a)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x44840)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
unshare(0x100)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601060000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, &(0x7f0000002b40))

270.327749ms ago: executing program 6 (id=6652):
perf_event_open(&(0x7f0000001300)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

269.278659ms ago: executing program 5 (id=6653):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setrlimit(0x9, &(0x7f0000000400)={0x0, 0x7})
fallocate(r2, 0x44, 0x1, 0x0)
io_setup(0x2004, &(0x7f0000000680))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(r5, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000008c0)=@newtaction={0x15c, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x148, 0x1, [@m_mirred={0x114, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3}}]}, {0xc8, 0xa, "b397b4e83a967268c5a9d987f90149559d64809a3ac986ab340189b542fa336acb7fe45f4f09f5489fe33c9db084593435d06a9aafc8e902c8cc1546d51956cc63f770c9299f77d582058a10c84d34b40b66f181a0a0b0c7a5a97dd0826adf172cf9eda6d8a566490db5739b1f7b2a8e602812f3c6b7de4153cd87876eee3def657ca30281059cc2b96ad39469b77c5e56eb46a1214fa38d410392b98a7fbdf1781bc10f5f7325532da6781b8b203644bcc24a4a0178f7c04519cac5ac07296c8f130795"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x15c}}, 0x0)

268.633999ms ago: executing program 5 (id=6654):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000060000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x440, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000001440)=""/126, 0x7e, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002abd7000fcdbdf2501000000000000000b00000000060014"], 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x800)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
r7 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x1, 0x4, 0xd2, 0x81, 0x0, 0x0, 0x1400, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfffffffd, 0x3, @perf_bp={&(0x7f00000001c0), 0x7}, 0x80, 0x4, 0x6, 0x1, 0x9, 0x800, 0xfeff, 0x0, 0xb}, 0x0, 0x6, r4, 0xd)
perf_event_open$cgroup(&(0x7f0000000100)={0x4, 0x80, 0xc, 0x6, 0x6, 0x4, 0x0, 0x10001, 0x400, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7fff, 0x0, @perf_config_ext={0x7fffffffffffffff, 0x3ff}, 0x2100, 0xbe, 0x9, 0x0, 0xeb, 0xcb0, 0x8, 0x0, 0x7fff, 0x0, 0x9}, r6, 0x6, r7, 0x6)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r4, 0x0, 0x3ffff)
sendfile(r6, r4, 0x0, 0x7ffff000)

189.980325ms ago: executing program 6 (id=6655):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a3000000000090003007379"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x20008040)

147.264898ms ago: executing program 6 (id=6656):
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x1, 0x99, &(0x7f0000000240)=""/153}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@grpquota}, {@data_err_ignore}, {@grpjquota, 0x22}, {@nodiscard}, {@errors_remount}, {@nodelalloc}, {@sysvgroups}, {@norecovery}]}, 0x1, 0x455, &(0x7f0000000d80)="$eJzs3M1PXFUbAPBnZhha2vLCW2u12CpajcQPKPTDLtzUaOJCExNd1LhCoA12WkzBxDZE0QUuTRP3xqWJf4Eb68aoKxO3ujcmxLCxuhpzZ+6FKcwAAwNTnd8vue05cy4557n3nplnzp2ZADrWYPJPLuJQRPwSEX3V6t07DFb/u7M8P/HX8vxELsrl1//IVfb7c3l+Its1+7uD1Uq5vEG/i29FjJdKU9fT+sjc1XdHZm/cfHb66vjlqctT18bOnz9z+kT3ubGzLYmzNxnrwAczx4+9/OatVycu3nr7h6+S8R5K22vjaJXB6tGt64lWd9ZmvTXlXFcbB0JTChGRnK5iZf73RSF6Vtr64qWP2zo4YFeVy/nyvsbNC2XgPyxJ1IFOlL3QJ+9/s22PUo97wtKFWFnHuJNu1ZauyKf7FNP3SLthMCIuLvz9ebLFLq1DAADUun0hIp6pl//l4+j+1f3+l94b6o+I/0fE4Yi4LyKORMT9EXE0Ih6IiAeb7H/tHZL1+U+5b3uRbU2S/z2f3tu6O//Lsr/oL6S13kr8xdyl6dLUqfSYDEVxX1If3aCPb1/8+dNGbbX5X7Il/We5YDqO37vWLNBNjs+N7yTmWksfRQx01Ys/t5LzJvnxsYgY2GYf0099ebxR2+bxb6AFSXn5i4gnq+d/IdbEn8k1vD85+ty5sbMj+6M0dWokuyrW+/Gnxdca9b+j+Ftg6XY5DtS9/lfi78/tj5i9cfNK5X7tbPN9LP76ScP3NNu9/rtzb1TK3elj74/PzV0fjejOvbL+8bHVv83q2f7J9T90sv78PxyrR+KhiEgu4hMR8XBEPJKO/dGIeCwiTm4Q//cvPP5O8/FvsCrfQkn8k5ud/6g9/80XCle++7r5+DPJ+T9TKQ2lj2zl+W+rA9zJsQMAAIB/i3zlM/C5/PBKOZ8fHq5+hv9IHMiXZmbnnr408961yepn5fujmM9Wuvpq1kNH07XhrD62pn46XTf+rNBTqQ9PzJQm2x08dLiDDeZ/4rdCu0cH7Drf14LOZf5D5zL/oXOZ/9C5zH/oXPXm/4dtGAew9zZ5/e/Zq3EAe0/+D53L/IfOZf5DR2r43fj8jr7yr9CmwjfdO/uthq0XIn+PhLzrhWJE7EVfxajb1LXlH7PYZmFf3aZ2PzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//37l4X0=")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")
clock_adjtime(0xffffffd3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
unshare(0x6040400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xa8}, 0x18)
io_uring_setup(0x31fa, &(0x7f00000001c0)={0x0, 0x6a93, 0x40, 0x2, 0xd1})
socket$nl_rdma(0x10, 0x3, 0x14)
socket(0xa, 0x3, 0x3a)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x44840)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
mknod$loop(0x0, 0x2000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
unshare(0x100)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601060000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

94.841563ms ago: executing program 4 (id=6657):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = io_uring_setup(0x257, &(0x7f0000000580)={0x0, 0x1fc6, 0x100, 0x0, 0x1d8})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], &(0x7f0000000200), 0x1}, 0x20)

52.800666ms ago: executing program 4 (id=6658):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=6659):
setuid(0xee01)
r0 = semget$private(0x0, 0x6, 0x3b1)
semop(r0, &(0x7f0000000000)=[{0x0, 0xea, 0x1000}, {0x0, 0x0, 0x1000}], 0x2)
semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000440)={{0x2, 0x0, 0x0, 0xee01, 0x0, 0x2, 0x1}, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffb})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x30a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x3b51, &(0x7f00000003c0)={0x0, 0x763, 0x80, 0x2, 0x1c2}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000680)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1})
msgget$private(0x0, 0x0)
io_uring_enter(r4, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7, 0x0, 0x4}, 0x18)

kernel console output (not intermixed with test programs):

re name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  391.838279][T21849] Call Trace:
[  391.838286][T21849]  <TASK>
[  391.838294][T21849]  __dump_stack+0x1d/0x30
[  391.838352][T21849]  dump_stack_lvl+0xe8/0x140
[  391.838368][T21849]  dump_stack+0x15/0x1b
[  391.838398][T21849]  should_fail_ex+0x265/0x280
[  391.838420][T21849]  should_fail+0xb/0x20
[  391.838446][T21849]  should_fail_usercopy+0x1a/0x20
[  391.838528][T21849]  _copy_from_user+0x1c/0xb0
[  391.838640][T21849]  ___sys_recvmsg+0xaa/0x370
[  391.838670][T21849]  do_recvmmsg+0x1ef/0x540
[  391.838695][T21849]  ? fput+0x8f/0xc0
[  391.838724][T21849]  __x64_sys_recvmmsg+0xe5/0x170
[  391.838768][T21849]  x64_sys_call+0x27a6/0x2ff0
[  391.838789][T21849]  do_syscall_64+0xd2/0x200
[  391.838814][T21849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  391.838838][T21849]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  391.838937][T21849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.838958][T21849] RIP: 0033:0x7faafeb4ebe9
[  391.838974][T21849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.839008][T21849] RSP: 002b:00007faafd5af038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  391.839028][T21849] RAX: ffffffffffffffda RBX: 00007faafed75fa0 RCX: 00007faafeb4ebe9
[  391.839041][T21849] RDX: 000000000000f000 RSI: 0000200000000d00 RDI: 0000000000000003
[  391.839054][T21849] RBP: 00007faafd5af090 R08: 0000000000000000 R09: 0000000000000000
[  391.839137][T21849] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000001
[  391.839195][T21849] R13: 00007faafed76038 R14: 00007faafed75fa0 R15: 00007ffdfbf96cd8
[  391.839213][T21849]  </TASK>
[  391.869124][T21852] lo speed is unknown, defaulting to 1000
[  391.874824][   T29] audit: type=1326 audit(1755399538.386:14893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21838 comm="syz.4.5984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faafeb4d550 code=0x7ffc0000
[  391.927998][T21855] loop4: detected capacity change from 0 to 1024
[  391.932183][   T29] audit: type=1326 audit(1755399538.386:14894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21838 comm="syz.4.5984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  391.937653][T21855] EXT4-fs: Ignoring removed orlov option
[  391.941142][   T29] audit: type=1326 audit(1755399538.386:14895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21838 comm="syz.4.5984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  391.953403][T21855] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.5991: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  391.956436][   T29] audit: type=1326 audit(1755399538.386:14896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21838 comm="syz.4.5984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  391.963519][T21855] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.5991: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  392.154137][T21861] loop5: detected capacity change from 0 to 128
[  392.217246][T21863] loop2: detected capacity change from 0 to 128
[  392.228637][T21863] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  392.248697][T21866] loop4: detected capacity change from 0 to 1024
[  392.261399][T21866] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  392.288807][T21868] loop2: detected capacity change from 0 to 2048
[  392.313191][T21861] bio_check_eod: 18222 callbacks suppressed
[  392.313207][T21861] syz.5.5992: attempt to access beyond end of device
[  392.313207][T21861] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  392.333151][T21861] syz.5.5992: attempt to access beyond end of device
[  392.333151][T21861] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  392.350988][T21861] syz.5.5992: attempt to access beyond end of device
[  392.350988][T21861] loop5: rw=2049, sector=201, nr_sectors = 24 limit=128
[  392.369979][T21861] syz.5.5992: attempt to access beyond end of device
[  392.369979][T21861] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  392.383710][T21861] syz.5.5992: attempt to access beyond end of device
[  392.383710][T21861] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  392.399597][T21868]  loop2: p2 p3 p7
[  392.422873][T21861] syz.5.5992: attempt to access beyond end of device
[  392.422873][T21861] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  392.448929][T21861] syz.5.5992: attempt to access beyond end of device
[  392.448929][T21861] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  392.464549][T21884] lo speed is unknown, defaulting to 1000
[  392.479973][T21861] syz.5.5992: attempt to access beyond end of device
[  392.479973][T21861] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128
[  392.537064][T21861] syz.5.5992: attempt to access beyond end of device
[  392.537064][T21861] loop5: rw=2049, sector=313, nr_sectors = 8 limit=128
[  392.564840][T21861] syz.5.5992: attempt to access beyond end of device
[  392.564840][T21861] loop5: rw=2049, sector=329, nr_sectors = 8 limit=128
[  392.641084][T21896] loop5: detected capacity change from 0 to 1024
[  392.662794][T21896] EXT4-fs: Ignoring removed orlov option
[  392.683929][T21896] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6005: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  392.724885][T21896] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6005: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  392.742742][T21900] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  392.921009][T21909] loop5: detected capacity change from 0 to 128
[  392.929480][T21909] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  392.956805][T21912] loop5: detected capacity change from 0 to 1024
[  392.963494][T21912] EXT4-fs: Ignoring removed orlov option
[  392.973602][T21912] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6008: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  392.991204][T21912] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6008: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  393.322450][T21926] lo speed is unknown, defaulting to 1000
[  393.409250][T21935] loop5: detected capacity change from 0 to 2048
[  393.459341][T21935]  loop5: p2 p3 p7
[  393.462312][T21940] loop6: detected capacity change from 0 to 512
[  393.480719][T21940] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  393.495067][T21940] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  393.517046][T21940] EXT4-fs (loop6): 1 truncate cleaned up
[  393.543421][T21940] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6020: lblock 0 mapped to illegal pblock 4 (length 1)
[  393.560269][T21940] EXT4-fs (loop6): Remounting filesystem read-only
[  393.578015][T21950] loop2: detected capacity change from 0 to 1024
[  393.584598][T21951] loop4: detected capacity change from 0 to 512
[  393.585980][T21950] EXT4-fs: Ignoring removed orlov option
[  393.593196][T21951] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  393.605253][T21951] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  393.615705][T21951] EXT4-fs (loop4): 1 truncate cleaned up
[  393.627015][T21950] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6023: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  393.651417][T21951] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6025: lblock 0 mapped to illegal pblock 4 (length 1)
[  393.658900][T21950] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6023: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  393.675640][T21951] EXT4-fs (loop4): Remounting filesystem read-only
[  393.718195][T21958] lo speed is unknown, defaulting to 1000
[  393.989523][T21956] loop5: detected capacity change from 0 to 512
[  394.016367][T21956] EXT4-fs (loop5): too many log groups per flexible block group
[  394.024112][T21956] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  394.037251][T21956] EXT4-fs (loop5): mount failed
[  394.099363][T21972] loop4: detected capacity change from 0 to 2048
[  394.161151][T21974] loop2: detected capacity change from 0 to 1024
[  394.168756][T21972]  loop4: p2 p3 p7
[  394.180207][T21974] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  394.327440][T21055] EXT4-fs error (device loop2): ext4_empty_dir:3113: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  394.413138][T21055] EXT4-fs (loop2): Remounting filesystem read-only
[  394.533484][T21940] Set syz1 is full, maxelem 65536 reached
[  394.583374][T21991] __nla_validate_parse: 7 callbacks suppressed
[  394.583387][T21991] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6036'.
[  394.686683][T21997] lo speed is unknown, defaulting to 1000
[  394.711954][T22000] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6041'.
[  394.764183][   T23] IPVS: starting estimator thread 0...
[  394.818498][T22008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6044'.
[  394.870220][T22012] loop6: detected capacity change from 0 to 1024
[  394.877470][T22005] IPVS: using max 3312 ests per chain, 165600 per kthread
[  394.888505][T22010] loop2: detected capacity change from 0 to 128
[  394.897125][T22012] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  395.029365][T19655] EXT4-fs error (device loop6): ext4_empty_dir:3113: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  395.066131][T19655] EXT4-fs (loop6): Remounting filesystem read-only
[  395.165233][T22026] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6049'.
[  395.223966][T22029] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6052'.
[  395.305711][T22032] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6053'.
[  395.374836][T22035] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  395.584327][T22044] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6057'.
[  395.627359][T22048] loop5: detected capacity change from 0 to 1024
[  395.645607][T22048] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  395.847392][T22057] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  395.887898][T22057] loop6: detected capacity change from 0 to 1024
[  395.915661][T22057] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  395.962442][T22057] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6062'.
[  395.999404][T22067] loop2: detected capacity change from 0 to 128
[  396.017450][T22071] loop6: detected capacity change from 0 to 1024
[  396.024393][T22071] EXT4-fs: Ignoring removed orlov option
[  396.044179][T22071] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6075: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  396.062408][T22071] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6075: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  396.093633][T22074] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6065'.
[  396.239006][T22078] lo speed is unknown, defaulting to 1000
[  396.277919][T22082] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6068'.
[  396.545587][T22091] loop6: detected capacity change from 0 to 128
[  396.711403][   T29] kauditd_printk_skb: 163 callbacks suppressed
[  396.711417][   T29] audit: type=1326 audit(1755399543.446:15060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  396.741749][   T29] audit: type=1326 audit(1755399543.446:15061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  396.819661][T22115] FAULT_INJECTION: forcing a failure.
[  396.819661][T22115] name failslab, interval 1, probability 0, space 0, times 0
[  396.832483][T22115] CPU: 0 UID: 0 PID: 22115 Comm: syz.5.6084 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  396.832510][T22115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  396.832521][T22115] Call Trace:
[  396.832536][T22115]  <TASK>
[  396.832544][T22115]  __dump_stack+0x1d/0x30
[  396.832566][T22115]  dump_stack_lvl+0xe8/0x140
[  396.832592][T22115]  dump_stack+0x15/0x1b
[  396.832609][T22115]  should_fail_ex+0x265/0x280
[  396.832631][T22115]  should_failslab+0x8c/0xb0
[  396.832659][T22115]  kmem_cache_alloc_noprof+0x50/0x310
[  396.832718][T22115]  ? mm_alloc+0x2b/0xa0
[  396.832741][T22115]  mm_alloc+0x2b/0xa0
[  396.832763][T22115]  alloc_bprm+0x20e/0x350
[  396.832850][T22115]  do_execveat_common+0x12e/0x750
[  396.832880][T22115]  ? getname_flags+0x154/0x3b0
[  396.832971][T22115]  __x64_sys_execveat+0x73/0x90
[  396.832992][T22115]  x64_sys_call+0x1fec/0x2ff0
[  396.833009][T22115]  do_syscall_64+0xd2/0x200
[  396.833032][T22115]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  396.833066][T22115]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  396.833086][T22115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.833104][T22115] RIP: 0033:0x7fe88e73ebe9
[  396.833146][T22115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.833163][T22115] RSP: 002b:00007fe88d19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  396.833180][T22115] RAX: ffffffffffffffda RBX: 00007fe88e965fa0 RCX: 00007fe88e73ebe9
[  396.833191][T22115] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  396.833259][T22115] RBP: 00007fe88d19f090 R08: 0000000000000000 R09: 0000000000000000
[  396.833270][T22115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.833282][T22115] R13: 00007fe88e966038 R14: 00007fe88e965fa0 R15: 00007ffd5cf03758
[  396.833299][T22115]  </TASK>
[  396.944701][   T29] audit: type=1326 audit(1755399543.506:15062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.047772][   T29] audit: type=1326 audit(1755399543.506:15063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.072023][   T29] audit: type=1326 audit(1755399543.506:15064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.095984][   T29] audit: type=1326 audit(1755399543.506:15065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.120447][   T29] audit: type=1326 audit(1755399543.506:15066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.145392][   T29] audit: type=1326 audit(1755399543.506:15067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.169165][   T29] audit: type=1326 audit(1755399543.506:15068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.193088][   T29] audit: type=1326 audit(1755399543.506:15069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22104 comm="syz.5.6080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  397.468891][T22137] loop2: detected capacity change from 0 to 512
[  397.485091][T22137] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  397.513445][T22137] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  397.546377][T22137] EXT4-fs (loop2): 1 truncate cleaned up
[  397.588549][T22146] FAULT_INJECTION: forcing a failure.
[  397.588549][T22146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.601730][T22146] CPU: 1 UID: 0 PID: 22146 Comm: syz.4.6097 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  397.601761][T22146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  397.601771][T22146] Call Trace:
[  397.601778][T22146]  <TASK>
[  397.601785][T22146]  __dump_stack+0x1d/0x30
[  397.601804][T22146]  dump_stack_lvl+0xe8/0x140
[  397.601837][T22146]  dump_stack+0x15/0x1b
[  397.601859][T22146]  should_fail_ex+0x265/0x280
[  397.601878][T22146]  should_fail+0xb/0x20
[  397.601894][T22146]  should_fail_usercopy+0x1a/0x20
[  397.601913][T22146]  strncpy_from_user+0x25/0x230
[  397.601939][T22146]  ? kmem_cache_alloc_noprof+0x186/0x310
[  397.601994][T22146]  ? getname_flags+0x80/0x3b0
[  397.602020][T22146]  getname_flags+0xae/0x3b0
[  397.602169][T22146]  __x64_sys_rename+0x33/0x70
[  397.602191][T22146]  x64_sys_call+0x1f9/0x2ff0
[  397.602213][T22146]  do_syscall_64+0xd2/0x200
[  397.602289][T22146]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  397.602337][T22146]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  397.602356][T22146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.602374][T22146] RIP: 0033:0x7faafeb4ebe9
[  397.602387][T22146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.602403][T22146] RSP: 002b:00007faafd5af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  397.602420][T22146] RAX: ffffffffffffffda RBX: 00007faafed75fa0 RCX: 00007faafeb4ebe9
[  397.602503][T22146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  397.602513][T22146] RBP: 00007faafd5af090 R08: 0000000000000000 R09: 0000000000000000
[  397.602524][T22146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.602534][T22146] R13: 00007faafed76038 R14: 00007faafed75fa0 R15: 00007ffdfbf96cd8
[  397.602550][T22146]  </TASK>
[  397.827822][T22147] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6093: lblock 0 mapped to illegal pblock 4 (length 1)
[  397.844506][T22147] EXT4-fs (loop2): Remounting filesystem read-only
[  398.000877][T22120] Set syz1 is full, maxelem 65536 reached
[  398.112298][T22175] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  398.126674][   T36] IPVS: starting estimator thread 0...
[  398.153672][T22176] loop6: detected capacity change from 0 to 128
[  398.216765][T22168] IPVS: using max 2640 ests per chain, 132000 per kthread
[  398.298610][T22182] loop6: detected capacity change from 0 to 512
[  398.340759][T22182] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  398.363552][T22182] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  398.395361][T22182] EXT4-fs (loop6): 1 truncate cleaned up
[  398.433595][T22182] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6109: lblock 0 mapped to illegal pblock 4 (length 1)
[  398.462632][T22182] EXT4-fs (loop6): Remounting filesystem read-only
[  398.577903][T22137] Set syz1 is full, maxelem 65536 reached
[  398.604732][T22190] loop6: detected capacity change from 0 to 512
[  398.613065][T22190] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  398.622261][T22190] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  398.631706][T22190] EXT4-fs (loop6): 1 truncate cleaned up
[  398.650191][T22190] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6110: lblock 0 mapped to illegal pblock 4 (length 1)
[  398.665618][T22190] EXT4-fs (loop6): Remounting filesystem read-only
[  398.883407][T22214] loop4: detected capacity change from 0 to 128
[  399.122641][T22224] loop4: detected capacity change from 0 to 2048
[  399.228439][T22224]  loop4: p2 p3 p7
[  399.388434][T22190] Set syz1 is full, maxelem 65536 reached
[  399.608127][T22242] loop4: detected capacity change from 0 to 2048
[  399.625596][T22242] EXT4-fs (loop4): failed to initialize system zone (-117)
[  399.632835][T22242] EXT4-fs (loop4): mount failed
[  399.670811][T22252] loop4: detected capacity change from 0 to 512
[  399.677451][T22253] __nla_validate_parse: 5 callbacks suppressed
[  399.677467][T22253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6134'.
[  399.696865][T22252] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  399.731172][T22252] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  399.751044][T22252] EXT4-fs (loop4): 1 truncate cleaned up
[  399.766217][T22252] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6135: lblock 0 mapped to illegal pblock 4 (length 1)
[  399.797748][T22252] EXT4-fs (loop4): Remounting filesystem read-only
[  400.065781][T22273] loop2: detected capacity change from 0 to 1024
[  400.085770][T22273] EXT4-fs: Ignoring removed orlov option
[  400.143294][T22273] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6142: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  400.202563][T22275] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6142: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  400.747370][T22252] Set syz1 is full, maxelem 65536 reached
[  400.769460][T22287] loop2: detected capacity change from 0 to 128
[  400.848875][T22293] loop2: detected capacity change from 0 to 4096
[  400.971238][T22304] loop5: detected capacity change from 0 to 1024
[  400.985879][T22304] EXT4-fs: Ignoring removed orlov option
[  401.009050][T22304] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6155: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  401.045479][T22304] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6155: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  401.145113][T22311] lo speed is unknown, defaulting to 1000
[  401.334873][T22320] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6159'.
[  401.486854][T22328] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6163'.
[  401.529015][T22332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6165'.
[  401.717503][T22344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6170'.
[  401.805920][T22355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.840040][T22355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.899970][T22365] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6179'.
[  402.455565][T22377] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6183'.
[  402.482578][T22379] loop6: detected capacity change from 0 to 1024
[  402.489420][T22379] EXT4-fs: Ignoring removed orlov option
[  402.500479][T22379] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6184: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  402.518348][T22379] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6184: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  402.770722][T22395] loop4: detected capacity change from 0 to 128
[  402.771779][T22397] loop5: detected capacity change from 0 to 512
[  402.805575][T22397] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  402.820042][T22397] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  402.830777][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  402.830792][   T29] audit: type=1326 audit(1755399549.566:15340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.861541][   T29] audit: type=1326 audit(1755399549.566:15341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.885361][   T29] audit: type=1326 audit(1755399549.566:15342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.885576][T22400] loop4: detected capacity change from 0 to 2048
[  402.909660][   T29] audit: type=1326 audit(1755399549.566:15343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.939815][   T29] audit: type=1326 audit(1755399549.566:15344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.963644][   T29] audit: type=1326 audit(1755399549.566:15345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.987442][   T29] audit: type=1326 audit(1755399549.566:15346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  402.998062][T22397] EXT4-fs (loop5): 1 truncate cleaned up
[  403.011451][   T29] audit: type=1326 audit(1755399549.566:15347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  403.041226][   T29] audit: type=1326 audit(1755399549.566:15348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  403.049063][T22400] EXT4-fs (loop4): failed to initialize system zone (-117)
[  403.064779][   T29] audit: type=1326 audit(1755399549.566:15349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22399 comm="syz.4.6193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  403.071961][T22400] EXT4-fs (loop4): mount failed
[  403.117464][T22397] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 4: comm syz.5.6192: lblock 0 mapped to illegal pblock 4 (length 1)
[  403.139259][T22397] EXT4-fs (loop5): Remounting filesystem read-only
[  403.248015][T22413] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  403.604199][T22397] Set syz1 is full, maxelem 65536 reached
[  404.017525][T22423] lo speed is unknown, defaulting to 1000
[  404.089712][T22423] chnl_net:caif_netlink_parms(): no params data found
[  404.121455][T22445] loop6: detected capacity change from 0 to 512
[  404.131114][T22445] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  404.141757][T22445] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  404.150756][T22445] EXT4-fs (loop6): 1 truncate cleaned up
[  404.163096][T22445] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6203: lblock 0 mapped to illegal pblock 4 (length 1)
[  404.178129][T22445] EXT4-fs (loop6): Remounting filesystem read-only
[  404.178331][T22423] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.192128][T22423] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.201818][T22423] bridge_slave_0: entered allmulticast mode
[  404.208291][T22423] bridge_slave_0: entered promiscuous mode
[  404.215589][T22423] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.222753][T22423] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.230430][T22423] bridge_slave_1: entered allmulticast mode
[  404.237549][T22423] bridge_slave_1: entered promiscuous mode
[  404.258162][T22423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  404.269098][T22423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  404.290175][T22423] team0: Port device team_slave_0 added
[  404.297473][T22423] team0: Port device team_slave_1 added
[  404.317665][T22423] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.324663][T22423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.351077][T22423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.363611][T22423] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.370749][T22423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.396811][T22423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  404.424661][T22423] hsr_slave_0: entered promiscuous mode
[  404.430796][T22423] hsr_slave_1: entered promiscuous mode
[  404.436719][T22423] debugfs: 'hsr0' already exists in 'hsr'
[  404.442470][T22423] Cannot create hsr debugfs directory
[  404.465884][T22458] loop2: detected capacity change from 0 to 1024
[  404.472561][T22458] EXT4-fs: Ignoring removed orlov option
[  404.487126][T22458] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6207: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  404.504897][T22458] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6207: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  404.525059][T22423] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.586225][T22423] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.667673][T22423] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.720327][T21055] EXT4-fs unmount: 81 callbacks suppressed
[  404.720343][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.740053][T22423] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.752501][T22472] loop5: detected capacity change from 0 to 512
[  404.759579][T22472] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  404.760304][T22474] loop2: detected capacity change from 0 to 512
[  404.769345][T22472] EXT4-fs (loop5): warning: maximal mount count reached, running e2fsck is recommended
[  404.778383][T22474] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  404.793164][T22474] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  404.793274][T22472] EXT4-fs error (device loop5): ext4_orphan_get:1392: comm syz.5.6213: inode #15: comm syz.5.6213: iget: illegal inode #
[  404.802736][T22474] EXT4-fs (loop2): 1 truncate cleaned up
[  404.814238][T22472] EXT4-fs (loop5): Remounting filesystem read-only
[  404.822438][T22474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.827653][T22472] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  404.853155][T22472] FAULT_INJECTION: forcing a failure.
[  404.853155][T22472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.866449][T22472] CPU: 0 UID: 0 PID: 22472 Comm: syz.5.6213 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  404.866475][T22472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  404.866486][T22472] Call Trace:
[  404.866492][T22472]  <TASK>
[  404.866500][T22472]  __dump_stack+0x1d/0x30
[  404.866522][T22472]  dump_stack_lvl+0xe8/0x140
[  404.866538][T22472]  dump_stack+0x15/0x1b
[  404.866582][T22472]  should_fail_ex+0x265/0x280
[  404.866602][T22472]  should_fail+0xb/0x20
[  404.866617][T22472]  should_fail_usercopy+0x1a/0x20
[  404.866664][T22472]  _copy_from_user+0x1c/0xb0
[  404.866687][T22472]  __io_register_rsrc_update+0x268/0xac0
[  404.866728][T22472]  ? get_pid_task+0x96/0xd0
[  404.866771][T22472]  ? should_fail_ex+0xdb/0x280
[  404.866792][T22472]  io_register_rsrc_update+0x10a/0x120
[  404.866822][T22472]  __se_sys_io_uring_register+0x6d9/0xeb0
[  404.866845][T22472]  ? fput+0x8f/0xc0
[  404.866941][T22472]  ? ksys_write+0x192/0x1a0
[  404.866964][T22472]  __x64_sys_io_uring_register+0x55/0x70
[  404.866987][T22472]  x64_sys_call+0x18a3/0x2ff0
[  404.867025][T22472]  do_syscall_64+0xd2/0x200
[  404.867051][T22472]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  404.867147][T22472]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  404.867216][T22472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.867234][T22472] RIP: 0033:0x7fe88e73ebe9
[  404.867247][T22472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.867326][T22472] RSP: 002b:00007fe88d19f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  404.867344][T22472] RAX: ffffffffffffffda RBX: 00007fe88e965fa0 RCX: 00007fe88e73ebe9
[  404.867355][T22472] RDX: 0000200000000240 RSI: 0000000000000010 RDI: 0000000000000005
[  404.867366][T22472] RBP: 00007fe88d19f090 R08: 0000000000000000 R09: 0000000000000000
[  404.867376][T22472] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  404.867416][T22472] R13: 00007fe88e966038 R14: 00007fe88e965fa0 R15: 00007ffd5cf03758
[  404.867434][T22472]  </TASK>
[  404.881073][T22423] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  405.019240][T22481] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6211: lblock 0 mapped to illegal pblock 4 (length 1)
[  405.095185][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.103495][T22481] EXT4-fs (loop2): Remounting filesystem read-only
[  405.128407][T22423] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  405.142993][T22423] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  405.152568][T22423] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  405.158563][T22484] loop5: detected capacity change from 0 to 512
[  405.169709][T22486] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6217'.
[  405.195463][T22484] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  405.206385][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.223242][T22484] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  405.256780][T22484] EXT4-fs (loop5): 1 truncate cleaned up
[  405.271329][T22484] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.289865][T22423] 8021q: adding VLAN 0 to HW filter on device bond0
[  405.302958][T22503] netlink: 'syz.2.6223': attribute type 2 has an invalid length.
[  405.310900][T22503] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6223'.
[  405.322746][T22484] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 4: comm syz.5.6215: lblock 0 mapped to illegal pblock 4 (length 1)
[  405.331392][T22423] 8021q: adding VLAN 0 to HW filter on device team0
[  405.356057][T22484] EXT4-fs (loop5): Remounting filesystem read-only
[  405.391394][ T3566] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.398619][ T3566] bridge0: port 1(bridge_slave_0) entered forwarding state
[  405.426014][ T3566] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.433277][ T3566] bridge0: port 2(bridge_slave_1) entered forwarding state
[  405.473907][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.587158][T22423] 8021q: adding VLAN 0 to HW filter on device batadv0
[  405.639227][T22527] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6230'.
[  405.675267][T22531] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  405.790299][T22423] veth0_vlan: entered promiscuous mode
[  405.801370][T22423] veth1_vlan: entered promiscuous mode
[  405.818170][T22423] veth0_macvtap: entered promiscuous mode
[  405.825794][T22423] veth1_macvtap: entered promiscuous mode
[  405.837461][T22423] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.849863][T22423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.860801][ T3566] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.869836][ T3566] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.878913][ T3566] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.888189][ T3625] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.946929][T22549] loop0: detected capacity change from 0 to 512
[  405.955088][T22549] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  405.963175][T22549] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  405.971758][T22549] EXT4-fs (loop0): 1 truncate cleaned up
[  405.977871][T22549] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.992498][T22549] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6234: lblock 0 mapped to illegal pblock 4 (length 1)
[  406.007080][T22549] EXT4-fs (loop0): Remounting filesystem read-only
[  406.229732][T22549] Set syz1 is full, maxelem 65536 reached
[  406.277124][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.423651][T22564] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6240'.
[  406.451467][T22568] FAULT_INJECTION: forcing a failure.
[  406.451467][T22568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.464854][T22568] CPU: 0 UID: 0 PID: 22568 Comm: syz.6.6242 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  406.464916][T22568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  406.464927][T22568] Call Trace:
[  406.464933][T22568]  <TASK>
[  406.464940][T22568]  __dump_stack+0x1d/0x30
[  406.464959][T22568]  dump_stack_lvl+0xe8/0x140
[  406.464989][T22568]  dump_stack+0x15/0x1b
[  406.465005][T22568]  should_fail_ex+0x265/0x280
[  406.465056][T22568]  should_fail+0xb/0x20
[  406.465146][T22568]  should_fail_usercopy+0x1a/0x20
[  406.465167][T22568]  _copy_from_user+0x1c/0xb0
[  406.465219][T22568]  __sys_bpf+0x178/0x7b0
[  406.465247][T22568]  __x64_sys_bpf+0x41/0x50
[  406.465341][T22568]  x64_sys_call+0x2aea/0x2ff0
[  406.465450][T22568]  do_syscall_64+0xd2/0x200
[  406.465473][T22568]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  406.465496][T22568]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  406.465519][T22568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.465587][T22568] RIP: 0033:0x7f589df7ebe9
[  406.465601][T22568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.465632][T22568] RSP: 002b:00007f589c9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  406.465651][T22568] RAX: ffffffffffffffda RBX: 00007f589e1a5fa0 RCX: 00007f589df7ebe9
[  406.465664][T22568] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  406.465677][T22568] RBP: 00007f589c9e7090 R08: 0000000000000000 R09: 0000000000000000
[  406.465689][T22568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.465701][T22568] R13: 00007f589e1a6038 R14: 00007f589e1a5fa0 R15: 00007ffd71c5eb18
[  406.465795][T22568]  </TASK>
[  406.656939][T22573] FAULT_INJECTION: forcing a failure.
[  406.656939][T22573] name failslab, interval 1, probability 0, space 0, times 0
[  406.670615][T22573] CPU: 0 UID: 0 PID: 22573 Comm: +}[@ Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  406.670729][T22573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  406.670739][T22573] Call Trace:
[  406.670747][T22573]  <TASK>
[  406.670754][T22573]  __dump_stack+0x1d/0x30
[  406.670774][T22573]  dump_stack_lvl+0xe8/0x140
[  406.670789][T22573]  dump_stack+0x15/0x1b
[  406.670861][T22573]  should_fail_ex+0x265/0x280
[  406.670878][T22573]  ? nf_tables_newtable+0x375/0xea0
[  406.670896][T22573]  should_failslab+0x8c/0xb0
[  406.670916][T22573]  __kmalloc_cache_noprof+0x4c/0x320
[  406.670943][T22573]  ? __nla_validate_parse+0x1652/0x1d00
[  406.671023][T22573]  nf_tables_newtable+0x375/0xea0
[  406.671047][T22573]  nfnetlink_rcv+0xb96/0x1690
[  406.671089][T22573]  netlink_unicast+0x5bd/0x690
[  406.671119][T22573]  netlink_sendmsg+0x58b/0x6b0
[  406.671140][T22573]  ? __pfx_netlink_sendmsg+0x10/0x10
[  406.671158][T22573]  __sock_sendmsg+0x142/0x180
[  406.671182][T22573]  ____sys_sendmsg+0x31e/0x4e0
[  406.671238][T22573]  ___sys_sendmsg+0x17b/0x1d0
[  406.671269][T22573]  __x64_sys_sendmsg+0xd4/0x160
[  406.671371][T22573]  x64_sys_call+0x191e/0x2ff0
[  406.671393][T22573]  do_syscall_64+0xd2/0x200
[  406.671478][T22573]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  406.671560][T22573]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  406.671640][T22573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.671661][T22573] RIP: 0033:0x7f589df7ebe9
[  406.671677][T22573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.671694][T22573] RSP: 002b:00007f589c9e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  406.671773][T22573] RAX: ffffffffffffffda RBX: 00007f589e1a5fa0 RCX: 00007f589df7ebe9
[  406.671786][T22573] RDX: 0000000004000024 RSI: 0000200000000040 RDI: 0000000000000003
[  406.671799][T22573] RBP: 00007f589c9e7090 R08: 0000000000000000 R09: 0000000000000000
[  406.671812][T22573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.671843][T22573] R13: 00007f589e1a6038 R14: 00007f589e1a5fa0 R15: 00007ffd71c5eb18
[  406.671894][T22573]  </TASK>
[  406.950877][T22581] loop5: detected capacity change from 0 to 1024
[  406.965376][T22581] EXT4-fs: Ignoring removed oldalloc option
[  406.967603][T22583] loop2: detected capacity change from 0 to 1024
[  406.971481][T22581] EXT4-fs: Ignoring removed bh option
[  406.978256][T22583] EXT4-fs: Ignoring removed orlov option
[  406.996739][T22585] loop6: detected capacity change from 0 to 128
[  407.010085][T22583] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.026335][T22581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.051341][T22583] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6250: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  407.087382][T22581] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.6248: Allocating blocks 113-513 which overlap fs metadata
[  407.096829][T22585] bio_check_eod: 314 callbacks suppressed
[  407.096847][T22585] syz.6.6249: attempt to access beyond end of device
[  407.096847][T22585] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128
[  407.111706][T22589] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.6250: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  407.120750][T22585] syz.6.6249: attempt to access beyond end of device
[  407.120750][T22585] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128
[  407.151198][T22585] syz.6.6249: attempt to access beyond end of device
[  407.151198][T22585] loop6: rw=2049, sector=201, nr_sectors = 24 limit=128
[  407.151539][T22590] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6248'.
[  407.164944][T22585] syz.6.6249: attempt to access beyond end of device
[  407.164944][T22585] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128
[  407.165008][T22585] syz.6.6249: attempt to access beyond end of device
[  407.165008][T22585] loop6: rw=2049, sector=249, nr_sectors = 8 limit=128
[  407.200133][T22581] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6248'.
[  407.210541][T22585] syz.6.6249: attempt to access beyond end of device
[  407.210541][T22585] loop6: rw=2049, sector=265, nr_sectors = 8 limit=128
[  407.236097][T22585] syz.6.6249: attempt to access beyond end of device
[  407.236097][T22585] loop6: rw=2049, sector=281, nr_sectors = 8 limit=128
[  407.254785][T22585] syz.6.6249: attempt to access beyond end of device
[  407.254785][T22585] loop6: rw=2049, sector=297, nr_sectors = 8 limit=128
[  407.268507][T22585] syz.6.6249: attempt to access beyond end of device
[  407.268507][T22585] loop6: rw=2049, sector=313, nr_sectors = 8 limit=128
[  407.284288][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.296129][T22585] syz.6.6249: attempt to access beyond end of device
[  407.296129][T22585] loop6: rw=2049, sector=329, nr_sectors = 8 limit=128
[  407.510845][T22604] loop6: detected capacity change from 0 to 128
[  407.660782][T22609] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6258'.
[  407.677101][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.728173][T22617] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6262'.
[  407.787871][T22627] loop6: detected capacity change from 0 to 512
[  407.796176][T22627] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  407.804419][T22627] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  407.812919][T22627] EXT4-fs (loop6): 1 truncate cleaned up
[  407.819378][T22627] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.836441][T22627] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6266: lblock 0 mapped to illegal pblock 4 (length 1)
[  407.850744][T22627] EXT4-fs (loop6): Remounting filesystem read-only
[  407.918937][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.096776][T22642] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6271'.
[  408.134218][T22646] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6273'.
[  408.581291][T22671] loop0: detected capacity change from 0 to 512
[  408.589633][T22671] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  408.597994][T22671] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  408.606766][T22671] EXT4-fs (loop0): 1 truncate cleaned up
[  408.612827][T22671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.630642][T22671] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6283: lblock 0 mapped to illegal pblock 4 (length 1)
[  408.644894][T22671] EXT4-fs (loop0): Remounting filesystem read-only
[  408.676094][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.767412][   T29] kauditd_printk_skb: 79 callbacks suppressed
[  408.767431][   T29] audit: type=1326 audit(1755399555.506:15429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22682 comm="syz.4.6288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x0
[  408.781454][T22684] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  408.835940][T22688] netlink: zone id is out of range
[  408.841076][T22688] netlink: zone id is out of range
[  408.846450][T22688] netlink: zone id is out of range
[  408.851841][T22688] netlink: 'syz.6.6290': attribute type 21 has an invalid length.
[  408.860088][T22688] netlink: 'syz.6.6290': attribute type 1 has an invalid length.
[  409.045291][T22697] loop5: detected capacity change from 0 to 1024
[  409.054946][T22697] EXT4-fs: Ignoring removed orlov option
[  409.065900][T22697] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.083249][T22697] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6293: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  409.101087][T22697] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6293: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  409.210672][T22703] loop6: detected capacity change from 0 to 512
[  409.223677][T22703] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  409.247325][T22703] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  409.260099][T22703] EXT4-fs (loop6): 1 truncate cleaned up
[  409.282488][T22703] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.326268][T22703] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6295: lblock 0 mapped to illegal pblock 4 (length 1)
[  409.340619][T22703] EXT4-fs (loop6): Remounting filesystem read-only
[  409.378971][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.430808][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.446115][   T29] audit: type=1400 audit(1755399556.186:15430): avc:  denied  { setopt } for  pid=22716 comm="syz.2.6301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  409.488770][T22719] loop6: detected capacity change from 0 to 512
[  409.497573][T22719] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  409.512909][T22719] System zones: 1-12
[  409.521864][T22719] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.6303: error while reading EA inode 32 err=-116
[  409.550971][T22719] EXT4-fs (loop6): Remounting filesystem read-only
[  409.557677][T22719] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  409.608398][T22719] EXT4-fs (loop6): 1 orphan inode deleted
[  409.628712][T22719] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  409.687878][   T29] audit: type=1326 audit(1755399556.416:15431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22718 comm="syz.6.6303" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f589df7ebe9 code=0x0
[  409.743371][T22738] loop4: detected capacity change from 0 to 512
[  409.756783][T22738] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  409.775593][T22738] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  409.788510][T22738] EXT4-fs (loop4): 1 truncate cleaned up
[  409.801012][T22738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.842626][T22738] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6309: lblock 0 mapped to illegal pblock 4 (length 1)
[  409.874566][T22738] EXT4-fs (loop4): Remounting filesystem read-only
[  410.076031][T22750] lo speed is unknown, defaulting to 1000
[  410.121746][T22754] tmpfs: Unknown parameter 'smackfstransmute'
[  410.178909][T22760] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  410.214532][T22738] Set syz1 is full, maxelem 65536 reached
[  410.226216][T22762] __nla_validate_parse: 7 callbacks suppressed
[  410.226228][T22762] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6318'.
[  410.256557][T21679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.311697][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.336449][   T29] audit: type=1326 audit(1755399557.076:15432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.362490][   T29] audit: type=1326 audit(1755399557.076:15433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.386136][   T29] audit: type=1326 audit(1755399557.076:15434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.409932][   T29] audit: type=1326 audit(1755399557.076:15435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.433677][   T29] audit: type=1326 audit(1755399557.076:15436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.457439][   T29] audit: type=1326 audit(1755399557.076:15437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.481044][   T29] audit: type=1326 audit(1755399557.076:15438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22767 comm="syz.4.6320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafeb4ebe9 code=0x7ffc0000
[  410.510868][T22773] loop2: detected capacity change from 0 to 512
[  410.524351][T22777] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6323'.
[  410.533940][T22773] EXT4-fs (loop2): orphan cleanup on readonly fs
[  410.541619][T22773] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.6324: Failed to acquire dquot type 1
[  410.553395][T22781] loop5: detected capacity change from 0 to 1024
[  410.570636][T22773] EXT4-fs (loop2): 1 truncate cleaned up
[  410.584975][T22773] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  410.606781][T22773] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz.2.6324: deleted inode referenced: 12
[  410.629771][T22787] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6328'.
[  410.709400][T22797] loop0: detected capacity change from 0 to 512
[  410.748218][T22801] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6332'.
[  410.758143][T22797] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  410.766720][T22797] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  410.773499][T22803] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  410.775814][T22797] EXT4-fs (loop0): 1 truncate cleaned up
[  410.788374][T22797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.829296][T22805] loop6: detected capacity change from 0 to 1024
[  410.837359][T22797] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6331: lblock 0 mapped to illegal pblock 4 (length 1)
[  410.848146][T22805] EXT4-fs: Ignoring removed oldalloc option
[  410.857441][T22805] EXT4-fs: Ignoring removed bh option
[  410.867212][T22797] EXT4-fs (loop0): Remounting filesystem read-only
[  410.891266][T22805] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.988886][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.026573][T22773] Set syz1 is full, maxelem 65536 reached
[  411.050513][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.270890][T22823] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6339'.
[  411.289944][T22825] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6340'.
[  411.409348][T22797] Set syz1 is full, maxelem 65536 reached
[  411.456881][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.515646][T22835] loop0: detected capacity change from 0 to 1024
[  411.522726][T22835] EXT4-fs: Ignoring removed oldalloc option
[  411.528705][T22835] EXT4-fs: Ignoring removed bh option
[  411.547864][T22837] loop5: detected capacity change from 0 to 512
[  411.566338][T22837] EXT4-fs (loop5): orphan cleanup on readonly fs
[  411.573360][T22835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.586709][T22837] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.6346: Failed to acquire dquot type 1
[  411.608596][T22837] EXT4-fs (loop5): 1 truncate cleaned up
[  411.619088][T22837] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  411.645488][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.661803][T22837] EXT4-fs error (device loop5): ext4_lookup:1791: inode #2: comm syz.5.6346: deleted inode referenced: 12
[  411.760769][T22855] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6352'.
[  411.859166][T22858] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  411.880201][T22858] SELinux: failed to load policy
[  411.926863][T22860] loop6: detected capacity change from 0 to 512
[  411.944521][T22863] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  411.975613][T22860] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  411.988177][T22860] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  412.006508][T22860] EXT4-fs (loop6): 1 truncate cleaned up
[  412.012702][T22860] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.033365][T22860] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6354: lblock 0 mapped to illegal pblock 4 (length 1)
[  412.049370][T22860] EXT4-fs (loop6): Remounting filesystem read-only
[  412.168603][T22879] loop0: detected capacity change from 0 to 1024
[  412.190791][T22879] EXT4-fs: Ignoring removed oldalloc option
[  412.196811][T22879] EXT4-fs: Ignoring removed bh option
[  412.219893][T22837] Set syz1 is full, maxelem 65536 reached
[  412.250028][T22879] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.296389][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.345080][T22891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6366'.
[  412.378363][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.414420][T22894] netlink: 104 bytes leftover after parsing attributes in process `syz.5.6367'.
[  412.576460][T22903] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  412.585136][T22860] Set syz1 is full, maxelem 65536 reached
[  412.626210][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.686048][T22914] FAULT_INJECTION: forcing a failure.
[  412.686048][T22914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.699325][T22914] CPU: 0 UID: 0 PID: 22914 Comm: syz.6.6376 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  412.699353][T22914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  412.699363][T22914] Call Trace:
[  412.699443][T22914]  <TASK>
[  412.699452][T22914]  __dump_stack+0x1d/0x30
[  412.699474][T22914]  dump_stack_lvl+0xe8/0x140
[  412.699504][T22914]  dump_stack+0x15/0x1b
[  412.699518][T22914]  should_fail_ex+0x265/0x280
[  412.699536][T22914]  should_fail+0xb/0x20
[  412.699551][T22914]  should_fail_usercopy+0x1a/0x20
[  412.699679][T22914]  _copy_from_user+0x1c/0xb0
[  412.699706][T22914]  __copy_msghdr+0x244/0x300
[  412.699728][T22914]  ___sys_sendmsg+0x109/0x1d0
[  412.699753][T22914]  __sys_sendmmsg+0x178/0x300
[  412.699798][T22914]  __x64_sys_sendmmsg+0x57/0x70
[  412.699820][T22914]  x64_sys_call+0x1c4a/0x2ff0
[  412.699905][T22914]  do_syscall_64+0xd2/0x200
[  412.699976][T22914]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  412.699996][T22914]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  412.700153][T22914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.700175][T22914] RIP: 0033:0x7f589df7ebe9
[  412.700191][T22914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.700208][T22914] RSP: 002b:00007f589c9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  412.700229][T22914] RAX: ffffffffffffffda RBX: 00007f589e1a5fa0 RCX: 00007f589df7ebe9
[  412.700249][T22914] RDX: 0000000000000001 RSI: 0000200000000b00 RDI: 0000000000000004
[  412.700260][T22914] RBP: 00007f589c9e7090 R08: 0000000000000000 R09: 0000000000000000
[  412.700309][T22914] R10: 0000000020080058 R11: 0000000000000246 R12: 0000000000000001
[  412.700321][T22914] R13: 00007f589e1a6038 R14: 00007f589e1a5fa0 R15: 00007ffd71c5eb18
[  412.700336][T22914]  </TASK>
[  412.948479][T22917] loop6: detected capacity change from 0 to 512
[  412.965651][T22917] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  412.973834][T22917] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  412.982937][T22917] EXT4-fs (loop6): 1 truncate cleaned up
[  412.990284][T22917] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.041122][T22917] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6377: lblock 0 mapped to illegal pblock 4 (length 1)
[  413.058520][T22917] EXT4-fs (loop6): Remounting filesystem read-only
[  413.061199][T22922] netlink: 40 bytes leftover after parsing attributes in process `’'.
[  413.092229][T22922] loop2: detected capacity change from 0 to 512
[  413.114459][T19655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.133145][T22922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.147150][T22922] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  413.159138][T22922] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.169394][T22924] loop0: detected capacity change from 0 to 128
[  413.241590][T22941] bio_check_eod: 206 callbacks suppressed
[  413.241606][T22941] syz.0.6378: attempt to access beyond end of device
[  413.241606][T22941] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[  413.244242][T22936] lo speed is unknown, defaulting to 1000
[  413.254673][T22941] syz.0.6378: attempt to access beyond end of device
[  413.254673][T22941] loop0: rw=2049, sector=169, nr_sectors = 16 limit=128
[  413.314227][T22941] syz.0.6378: attempt to access beyond end of device
[  413.314227][T22941] loop0: rw=2049, sector=193, nr_sectors = 8 limit=128
[  413.329298][T22941] syz.0.6378: attempt to access beyond end of device
[  413.329298][T22941] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  413.343459][T22941] syz.0.6378: attempt to access beyond end of device
[  413.343459][T22941] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[  413.357616][T22941] syz.0.6378: attempt to access beyond end of device
[  413.357616][T22941] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[  413.371310][T22941] syz.0.6378: attempt to access beyond end of device
[  413.371310][T22941] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128
[  413.392483][T22951] loop5: detected capacity change from 0 to 1024
[  413.407379][T22941] syz.0.6378: attempt to access beyond end of device
[  413.407379][T22941] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128
[  413.415204][T22951] EXT4-fs: quotafile must be on filesystem root
[  413.423243][T22941] syz.0.6378: attempt to access beyond end of device
[  413.423243][T22941] loop0: rw=2049, sector=289, nr_sectors = 8 limit=128
[  413.447755][T22941] syz.0.6378: attempt to access beyond end of device
[  413.447755][T22941] loop0: rw=2049, sector=305, nr_sectors = 8 limit=128
[  413.503177][T22951] loop5: detected capacity change from 0 to 512
[  413.510147][T22941] program syz.0.6378 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  413.527014][T22951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.539665][T22951] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  413.643823][T20563] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.790768][T22969] loop4: detected capacity change from 0 to 512
[  413.799226][T22969] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  413.807455][T22969] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  413.816682][T22969] EXT4-fs (loop4): 1 truncate cleaned up
[  413.823037][T22969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.842445][T22969] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6391: lblock 0 mapped to illegal pblock 4 (length 1)
[  413.857473][T22969] EXT4-fs (loop4): Remounting filesystem read-only
[  414.036664][T22987] loop0: detected capacity change from 0 to 512
[  414.057449][T22987] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  414.065849][T22987] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  414.075840][T22987] EXT4-fs (loop0): 1 truncate cleaned up
[  414.081979][T22987] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.100595][T22992] sd 0:0:1:0: device reset
[  414.100729][T22987] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6399: lblock 0 mapped to illegal pblock 4 (length 1)
[  414.120454][T22987] EXT4-fs (loop0): Remounting filesystem read-only
[  414.121855][T22969] Set syz1 is full, maxelem 65536 reached
[  414.153330][T21679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.162889][T22996] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  414.486744][T23016] team0: No ports can be present during mode change
[  414.627062][T22987] Set syz1 is full, maxelem 65536 reached
[  414.680222][T23022] lo speed is unknown, defaulting to 1000
[  414.703591][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.731356][T23026] loop2: detected capacity change from 0 to 512
[  414.739526][T23026] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  414.748612][T23026] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  414.757534][T23026] EXT4-fs (loop2): 1 truncate cleaned up
[  414.763598][T23026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.783574][T23026] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6413: lblock 0 mapped to illegal pblock 4 (length 1)
[  414.798554][T23026] EXT4-fs (loop2): Remounting filesystem read-only
[  414.924764][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  414.924778][   T29] audit: type=1400 audit(1755399561.656:15507): avc:  denied  { create } for  pid=23021 comm="syz.6.6411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  414.951872][   T29] audit: type=1400 audit(1755399561.656:15508): avc:  denied  { bind } for  pid=23021 comm="syz.6.6411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  414.972748][   T29] audit: type=1400 audit(1755399561.656:15509): avc:  denied  { listen } for  pid=23021 comm="syz.6.6411" path=2F3232372FE91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  414.996976][   T29] audit: type=1400 audit(1755399561.656:15510): avc:  denied  { connect } for  pid=23021 comm="syz.6.6411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  415.018185][   T29] audit: type=1400 audit(1755399561.656:15511): avc:  denied  { connectto } for  pid=23021 comm="syz.6.6411" path=2F3232372FE91F7189591E9233614B scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  415.043258][   T29] audit: type=1400 audit(1755399561.656:15512): avc:  denied  { create } for  pid=23021 comm="syz.6.6411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[  415.064661][   T29] audit: type=1400 audit(1755399561.656:15513): avc:  denied  { create } for  pid=23021 comm="syz.6.6411" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=udp_socket permissive=1
[  415.085081][   T29] audit: type=1400 audit(1755399561.656:15514): avc:  denied  { create } for  pid=23021 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_generic_socket permissive=1
[  415.253236][T23026] Set syz1 is full, maxelem 65536 reached
[  415.295718][T23048] lo speed is unknown, defaulting to 1000
[  415.315979][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.338220][T23050] loop2: detected capacity change from 0 to 128
[  415.394724][   T29] audit: type=1326 audit(1755399562.126:15515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23055 comm="syz.4.6425" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faafeb4ebe9 code=0x0
[  415.443495][T23057] loop4: detected capacity change from 0 to 512
[  415.450335][T23057] EXT4-fs: Ignoring removed nobh option
[  415.476394][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.6425: corrupted inode contents
[  415.488854][T23057] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm syz.4.6425: mark_inode_dirty error
[  415.501197][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.6425: corrupted inode contents
[  415.513581][T23057] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.6425: mark_inode_dirty error
[  415.526007][T23057] Quota error (device loop4): write_blk: dquota write failed
[  415.534111][T23057] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.6425: Failed to acquire dquot type 0
[  415.555740][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.6425: corrupted inode contents
[  415.569359][T23057] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.6425: mark_inode_dirty error
[  415.598568][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.6425: corrupted inode contents
[  415.621022][T23057] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.6425: mark_inode_dirty error
[  415.646291][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.6425: corrupted inode contents
[  415.668809][T23057] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  415.690508][T23057] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.6425: corrupted inode contents
[  415.723502][T23057] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.6425: mark_inode_dirty error
[  415.742785][T23057] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  415.769834][T23057] EXT4-fs (loop4): 1 truncate cleaned up
[  415.784176][T23057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.798128][T23057] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.877554][T23079] loop2: detected capacity change from 0 to 1024
[  415.885474][T23079] EXT4-fs: Ignoring removed oldalloc option
[  415.891538][T23079] EXT4-fs: Ignoring removed bh option
[  415.906093][T23079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.930229][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.964757][T23090] loop2: detected capacity change from 0 to 128
[  416.187755][T23104] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.228671][T21679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.249757][T23104] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.329195][T23104] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.417715][T23104] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.437129][T23112] FAULT_INJECTION: forcing a failure.
[  416.437129][T23112] name failslab, interval 1, probability 0, space 0, times 0
[  416.449947][T23112] CPU: 1 UID: 0 PID: 23112 Comm: syz.4.6446 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  416.450028][T23112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  416.450122][T23112] Call Trace:
[  416.450130][T23112]  <TASK>
[  416.450138][T23112]  __dump_stack+0x1d/0x30
[  416.450238][T23112]  dump_stack_lvl+0xe8/0x140
[  416.450258][T23112]  dump_stack+0x15/0x1b
[  416.450275][T23112]  should_fail_ex+0x265/0x280
[  416.450296][T23112]  should_failslab+0x8c/0xb0
[  416.450321][T23112]  __kvmalloc_node_noprof+0x123/0x4e0
[  416.450409][T23112]  ? vmemdup_user+0x26/0xd0
[  416.450430][T23112]  ? should_fail_usercopy+0x1a/0x20
[  416.450449][T23112]  vmemdup_user+0x26/0xd0
[  416.450528][T23112]  path_setxattrat+0x1b6/0x310
[  416.450570][T23112]  __x64_sys_fsetxattr+0x6b/0x80
[  416.450595][T23112]  x64_sys_call+0x1ced/0x2ff0
[  416.450657][T23112]  do_syscall_64+0xd2/0x200
[  416.450735][T23112]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  416.450759][T23112]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  416.450781][T23112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.450845][T23112] RIP: 0033:0x7faafeb4ebe9
[  416.450861][T23112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.450879][T23112] RSP: 002b:00007faafd5af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  416.450899][T23112] RAX: ffffffffffffffda RBX: 00007faafed75fa0 RCX: 00007faafeb4ebe9
[  416.450911][T23112] RDX: 00002000000004c0 RSI: 0000200000000480 RDI: 000000000000000a
[  416.450939][T23112] RBP: 00007faafd5af090 R08: 0000000000000000 R09: 0000000000000000
[  416.450950][T23112] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000001
[  416.450963][T23112] R13: 00007faafed76038 R14: 00007faafed75fa0 R15: 00007ffdfbf96cd8
[  416.450982][T23112]  </TASK>
[  416.652390][ T3580] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  416.664704][ T3580] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  416.676299][ T3580] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  416.704969][ T3580] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  416.990396][T23144] loop2: detected capacity change from 0 to 1024
[  416.997394][T23144] EXT4-fs: Ignoring removed oldalloc option
[  417.003451][T23144] EXT4-fs: Ignoring removed bh option
[  417.020406][T23144] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.092203][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.144137][T23160] __nla_validate_parse: 3 callbacks suppressed
[  417.144154][T23160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6463'.
[  417.165678][T23163] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6465'.
[  417.183137][T23165] syzkaller0: entered allmulticast mode
[  417.189316][T23165] syzkaller0: entered promiscuous mode
[  417.206790][T23165] syzkaller0 (unregistering): left allmulticast mode
[  417.213621][T23165] syzkaller0 (unregistering): left promiscuous mode
[  417.257620][T23176] loop4: detected capacity change from 0 to 1024
[  417.264475][T23176] EXT4-fs: Ignoring removed oldalloc option
[  417.270565][T23176] EXT4-fs: Ignoring removed bh option
[  417.277009][T23176] /dev/loop4: Can't open blockdev
[  417.285079][T23166] SELinux: security_context_str_to_sid () failed with errno=-22
[  417.309664][T23181] loop6: detected capacity change from 0 to 1024
[  417.313012][T23185] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6474'.
[  417.316813][T23181] EXT4-fs: Ignoring removed bh option
[  417.331579][T23181] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  417.345344][T23181] EXT4-fs error (device loop6): ext4_quota_enable:7124: comm syz.6.6472: inode #2304: comm syz.6.6472: iget: illegal inode #
[  417.360717][T23181] EXT4-fs (loop6): Remounting filesystem read-only
[  417.367382][T23181] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  417.383509][T23181] EXT4-fs (loop6): mount failed
[  417.426027][T23181] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6472'.
[  417.576595][T23201] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6478'.
[  418.034776][T23211] Set syz1 is full, maxelem 65536 reached
[  418.066171][T23217] loop2: detected capacity change from 0 to 1024
[  418.072932][T23217] EXT4-fs: Ignoring removed oldalloc option
[  418.078958][T23217] EXT4-fs: Ignoring removed bh option
[  418.092620][T23219] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6485'.
[  418.103589][T23217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.126612][T21055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.190245][T23231] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6490'.
[  418.254438][T23234] loop0: detected capacity change from 0 to 512
[  418.280001][T23234] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  418.288808][T23234] EXT4-fs (loop0): orphan cleanup on readonly fs
[  418.298514][T23234] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.6491: corrupted inode contents
[  418.310770][T23234] EXT4-fs (loop0): Remounting filesystem read-only
[  418.318876][T23234] EXT4-fs (loop0): 1 truncate cleaned up
[  418.324922][ T3612] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  418.335532][ T3612] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  418.346281][ T3612] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  418.356983][T23234] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  418.406033][T23249] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6496'.
[  418.423127][T23252] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  418.434725][T23255] loop4: detected capacity change from 0 to 512
[  418.445769][T23255] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  418.454063][T23255] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  418.462703][T23255] EXT4-fs (loop4): 1 truncate cleaned up
[  418.469454][T23255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.488850][T23255] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6497: lblock 0 mapped to illegal pblock 4 (length 1)
[  418.504059][T23255] EXT4-fs (loop4): Remounting filesystem read-only
[  418.526196][T22423] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.576703][T21679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.608594][T23273] loop5: detected capacity change from 0 to 1024
[  418.615591][T23273] EXT4-fs: Ignoring removed orlov option
[  418.629821][T23273] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.639590][T23276] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6503'.
[  418.645524][T23273] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6498'.
[  418.730817][T23279] loop6: detected capacity change from 0 to 128
[  418.813584][T23282] bio_check_eod: 293 callbacks suppressed
[  418.813603][T23282] syz.6.6504: attempt to access beyond end of device
[  418.813603][T23282] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  418.835363][T23282] syz.6.6504: attempt to access beyond end of device
[  418.835363][T23282] loop6: rw=2049, sector=169, nr_sectors = 16 limit=128
[  418.849686][T23282] syz.6.6504: attempt to access beyond end of device
[  418.849686][T23282] loop6: rw=2049, sector=193, nr_sectors = 8 limit=128
[  418.863387][T23282] syz.6.6504: attempt to access beyond end of device
[  418.863387][T23282] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[  418.892534][T23282] syz.6.6504: attempt to access beyond end of device
[  418.892534][T23282] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[  418.917651][T23282] syz.6.6504: attempt to access beyond end of device
[  418.917651][T23282] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  418.931196][T23282] syz.6.6504: attempt to access beyond end of device
[  418.931196][T23282] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  418.945466][T23282] syz.6.6504: attempt to access beyond end of device
[  418.945466][T23282] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[  418.959161][T23282] syz.6.6504: attempt to access beyond end of device
[  418.959161][T23282] loop6: rw=2049, sector=289, nr_sectors = 8 limit=128
[  418.973575][T23282] syz.6.6504: attempt to access beyond end of device
[  418.973575][T23282] loop6: rw=2049, sector=305, nr_sectors = 8 limit=128
[  419.387805][T23305] FAULT_INJECTION: forcing a failure.
[  419.387805][T23305] name failslab, interval 1, probability 0, space 0, times 0
[  419.400603][T23305] CPU: 0 UID: 0 PID: 23305 Comm: syz.2.6511 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  419.400689][T23305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  419.400699][T23305] Call Trace:
[  419.400706][T23305]  <TASK>
[  419.400712][T23305]  __dump_stack+0x1d/0x30
[  419.400735][T23305]  dump_stack_lvl+0xe8/0x140
[  419.400755][T23305]  dump_stack+0x15/0x1b
[  419.400773][T23305]  should_fail_ex+0x265/0x280
[  419.400866][T23305]  should_failslab+0x8c/0xb0
[  419.400890][T23305]  kmem_cache_alloc_node_noprof+0x57/0x320
[  419.400989][T23305]  ? __alloc_skb+0x101/0x320
[  419.401019][T23305]  __alloc_skb+0x101/0x320
[  419.401044][T23305]  netlink_alloc_large_skb+0xba/0xf0
[  419.401121][T23305]  netlink_sendmsg+0x3cf/0x6b0
[  419.401144][T23305]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.401164][T23305]  __sock_sendmsg+0x142/0x180
[  419.401206][T23305]  ____sys_sendmsg+0x31e/0x4e0
[  419.401227][T23305]  ___sys_sendmsg+0x17b/0x1d0
[  419.401253][T23305]  __x64_sys_sendmsg+0xd4/0x160
[  419.401274][T23305]  x64_sys_call+0x191e/0x2ff0
[  419.401294][T23305]  do_syscall_64+0xd2/0x200
[  419.401334][T23305]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  419.401359][T23305]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  419.401428][T23305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.401450][T23305] RIP: 0033:0x7fd4b2f7ebe9
[  419.401465][T23305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.401480][T23305] RSP: 002b:00007fd4b19e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.401506][T23305] RAX: ffffffffffffffda RBX: 00007fd4b31a5fa0 RCX: 00007fd4b2f7ebe9
[  419.401576][T23305] RDX: 0000000000000094 RSI: 0000200000000240 RDI: 0000000000000003
[  419.401643][T23305] RBP: 00007fd4b19e7090 R08: 0000000000000000 R09: 0000000000000000
[  419.401656][T23305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.401667][T23305] R13: 00007fd4b31a6038 R14: 00007fd4b31a5fa0 R15: 00007fff60277318
[  419.401689][T23305]  </TASK>
[  419.689578][T23320] FAULT_INJECTION: forcing a failure.
[  419.689578][T23320] name failslab, interval 1, probability 0, space 0, times 0
[  419.702472][T23320] CPU: 0 UID: 0 PID: 23320 Comm: syz.0.6517 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  419.702502][T23320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  419.702514][T23320] Call Trace:
[  419.702522][T23320]  <TASK>
[  419.702530][T23320]  __dump_stack+0x1d/0x30
[  419.702579][T23320]  dump_stack_lvl+0xe8/0x140
[  419.702598][T23320]  dump_stack+0x15/0x1b
[  419.702614][T23320]  should_fail_ex+0x265/0x280
[  419.702679][T23320]  should_failslab+0x8c/0xb0
[  419.702781][T23320]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  419.702810][T23320]  ? __rcu_read_unlock+0x4f/0x70
[  419.702830][T23320]  ? selinux_sb_eat_lsm_opts+0x65e/0x750
[  419.702911][T23320]  kmemdup_nul+0x36/0xc0
[  419.702936][T23320]  selinux_sb_eat_lsm_opts+0x65e/0x750
[  419.702958][T23320]  security_sb_eat_lsm_opts+0x40/0x80
[  419.702984][T23320]  legacy_parse_monolithic+0xa0/0xe0
[  419.703082][T23320]  parse_monolithic_mount_data+0x43/0x60
[  419.703101][T23320]  do_new_mount+0x1da/0x5e0
[  419.703118][T23320]  ? security_capable+0x83/0x90
[  419.703138][T23320]  path_mount+0x4a4/0xb20
[  419.703158][T23320]  ? user_path_at+0x109/0x130
[  419.703248][T23320]  __se_sys_mount+0x28f/0x2e0
[  419.703288][T23320]  ? fput+0x8f/0xc0
[  419.703334][T23320]  __x64_sys_mount+0x67/0x80
[  419.703352][T23320]  x64_sys_call+0x2b4d/0x2ff0
[  419.703372][T23320]  do_syscall_64+0xd2/0x200
[  419.703394][T23320]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  419.703414][T23320]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  419.703482][T23320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.703500][T23320] RIP: 0033:0x7f19b9b0ebe9
[  419.703513][T23320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.703528][T23320] RSP: 002b:00007f19b856f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  419.703544][T23320] RAX: ffffffffffffffda RBX: 00007f19b9d35fa0 RCX: 00007f19b9b0ebe9
[  419.703585][T23320] RDX: 00002000000003c0 RSI: 0000200000000140 RDI: 0000000000000000
[  419.703596][T23320] RBP: 00007f19b856f090 R08: 0000200000000580 R09: 0000000000000000
[  419.703606][T23320] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[  419.703693][T23320] R13: 00007f19b9d36038 R14: 00007f19b9d35fa0 R15: 00007ffd788cf088
[  419.703709][T23320]  </TASK>
[  419.941136][T23313] loop2: detected capacity change from 0 to 512
[  419.949386][T23313] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  419.957671][T23313] EXT4-fs (loop2): orphan cleanup on readonly fs
[  419.964404][T23313] __quota_error: 100 callbacks suppressed
[  419.964475][T23313] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated!
[  419.964836][   T29] audit: type=1326 audit(1755399566.696:15609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  419.970328][T23313] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  419.979358][   T29] audit: type=1326 audit(1755399566.696:15610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  420.002911][T23313] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.6515: Failed to acquire dquot type 1
[  420.003787][T23313] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.6515: bg 0: block 40: padding at end of block bitmap is not set
[  420.013078][   T29] audit: type=1326 audit(1755399566.696:15611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  420.086234][   T29] audit: type=1326 audit(1755399566.706:15612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  420.096469][T23313] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  420.110759][T23323] FAULT_INJECTION: forcing a failure.
[  420.110759][T23323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  420.132002][T23323] CPU: 0 UID: 0 PID: 23323 Comm: syz.6.6519 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  420.132033][T23323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  420.132045][T23323] Call Trace:
[  420.132053][T23323]  <TASK>
[  420.132060][T23323]  __dump_stack+0x1d/0x30
[  420.132192][T23323]  dump_stack_lvl+0xe8/0x140
[  420.132208][T23323]  dump_stack+0x15/0x1b
[  420.132222][T23323]  should_fail_ex+0x265/0x280
[  420.132242][T23323]  should_fail+0xb/0x20
[  420.132259][T23323]  should_fail_usercopy+0x1a/0x20
[  420.132295][T23323]  _copy_to_user+0x20/0xa0
[  420.132317][T23323]  simple_read_from_buffer+0xb5/0x130
[  420.132336][T23323]  proc_fail_nth_read+0x10e/0x150
[  420.132367][T23323]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  420.132392][T23323]  vfs_read+0x1a5/0x770
[  420.132474][T23323]  ? __rcu_read_unlock+0x4f/0x70
[  420.132495][T23323]  ? __fget_files+0x184/0x1c0
[  420.132519][T23323]  ksys_read+0xda/0x1a0
[  420.132540][T23323]  __x64_sys_read+0x40/0x50
[  420.132561][T23323]  x64_sys_call+0x27bc/0x2ff0
[  420.132579][T23323]  do_syscall_64+0xd2/0x200
[  420.132600][T23323]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  420.132698][T23323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.132720][T23323] RIP: 0033:0x7f589df7d5fc
[  420.132742][T23323] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  420.132760][T23323] RSP: 002b:00007f589c9e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  420.132793][T23323] RAX: ffffffffffffffda RBX: 00007f589e1a5fa0 RCX: 00007f589df7d5fc
[  420.132804][T23323] RDX: 000000000000000f RSI: 00007f589c9e70a0 RDI: 0000000000000003
[  420.132815][T23323] RBP: 00007f589c9e7090 R08: 0000000000000000 R09: 0000000000000000
[  420.132825][T23323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  420.132837][T23323] R13: 00007f589e1a6038 R14: 00007f589e1a5fa0 R15: 00007ffd71c5eb18
[  420.132853][T23323]  </TASK>
[  420.136088][T23313] EXT4-fs (loop2): 1 truncate cleaned up
[  420.163862][   T29] audit: type=1326 audit(1755399566.846:15613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  420.362313][   T29] audit: type=1326 audit(1755399566.846:15614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f589df7d550 code=0x7ffc0000
[  420.368135][T23335] loop4: detected capacity change from 0 to 128
[  420.386470][   T29] audit: type=1326 audit(1755399566.846:15615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f589df7d69f code=0x7ffc0000
[  420.416513][   T29] audit: type=1326 audit(1755399566.846:15616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23322 comm="syz.6.6519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f589df7ebe9 code=0x7ffc0000
[  420.488481][T23348] loop2: detected capacity change from 0 to 512
[  420.502440][T23338] loop5: detected capacity change from 0 to 512
[  420.511695][T23338] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  420.512112][T23348] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  420.533630][T23338] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.6523: invalid indirect mapped block 8 (level 2)
[  420.554237][T23348] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  420.570512][T23338] EXT4-fs (loop5): Remounting filesystem read-only
[  420.571749][T23354] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  420.584847][T23338] EXT4-fs (loop5): 1 truncate cleaned up
[  420.591969][T23348] EXT4-fs (loop2): 1 truncate cleaned up
[  420.609954][T23348] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6527: lblock 0 mapped to illegal pblock 4 (length 1)
[  420.633964][T23348] EXT4-fs (loop2): Remounting filesystem read-only
[  421.220903][T23372] loop2: detected capacity change from 0 to 512
[  421.230057][T23372] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  421.238412][T23372] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  421.246961][T23372] EXT4-fs (loop2): 1 truncate cleaned up
[  421.259238][T23372] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6531: lblock 0 mapped to illegal pblock 4 (length 1)
[  421.265982][T23375] FAULT_INJECTION: forcing a failure.
[  421.265982][T23375] name failslab, interval 1, probability 0, space 0, times 0
[  421.273807][T23372] EXT4-fs (loop2): Remounting filesystem read-only
[  421.286026][T23375] CPU: 0 UID: 0 PID: 23375 Comm: syz.4.6532 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  421.286053][T23375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  421.286064][T23375] Call Trace:
[  421.286070][T23375]  <TASK>
[  421.286078][T23375]  __dump_stack+0x1d/0x30
[  421.286099][T23375]  dump_stack_lvl+0xe8/0x140
[  421.286114][T23375]  dump_stack+0x15/0x1b
[  421.286138][T23375]  should_fail_ex+0x265/0x280
[  421.286158][T23375]  should_failslab+0x8c/0xb0
[  421.286181][T23375]  kmem_cache_alloc_noprof+0x50/0x310
[  421.286206][T23375]  ? mas_alloc_nodes+0x265/0x520
[  421.286232][T23375]  mas_alloc_nodes+0x265/0x520
[  421.286257][T23375]  mas_preallocate+0x33e/0x520
[  421.286284][T23375]  mmap_region+0xbdd/0x1630
[  421.286325][T23375]  do_mmap+0x9b3/0xbe0
[  421.286355][T23375]  vm_mmap_pgoff+0x17a/0x2e0
[  421.286392][T23375]  ksys_mmap_pgoff+0xc2/0x310
[  421.286419][T23375]  ? __x64_sys_mmap+0x49/0x70
[  421.286440][T23375]  x64_sys_call+0x14a3/0x2ff0
[  421.286460][T23375]  do_syscall_64+0xd2/0x200
[  421.286483][T23375]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  421.286505][T23375]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  421.286527][T23375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.286546][T23375] RIP: 0033:0x7faafeb4ec23
[  421.286561][T23375] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  421.286577][T23375] RSP: 002b:00007faafd5aee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  421.286595][T23375] RAX: ffffffffffffffda RBX: 0000000000000453 RCX: 00007faafeb4ec23
[  421.286607][T23375] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  421.286619][T23375] RBP: 0000200000000d82 R08: 00000000ffffffff R09: 0000000000000000
[  421.286630][T23375] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000007
[  421.286641][T23375] R13: 00007faafd5aeef0 R14: 00007faafd5aeeb0 R15: 0000200000000000
[  421.286667][T23375]  </TASK>
[  421.635589][T23390] usb usb8: usbfs: process 23390 (syz.0.6538) did not claim interface 0 before use
[  421.658399][T23392] loop5: detected capacity change from 0 to 512
[  421.664909][T23390] FAULT_INJECTION: forcing a failure.
[  421.664909][T23390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.678234][T23390] CPU: 1 UID: 0 PID: 23390 Comm: syz.0.6538 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  421.678276][T23390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  421.678287][T23390] Call Trace:
[  421.678294][T23390]  <TASK>
[  421.678302][T23390]  __dump_stack+0x1d/0x30
[  421.678322][T23390]  dump_stack_lvl+0xe8/0x140
[  421.678340][T23390]  dump_stack+0x15/0x1b
[  421.678353][T23390]  should_fail_ex+0x265/0x280
[  421.678392][T23390]  should_fail+0xb/0x20
[  421.678407][T23390]  should_fail_usercopy+0x1a/0x20
[  421.678430][T23390]  _copy_to_user+0x20/0xa0
[  421.678515][T23390]  simple_read_from_buffer+0xb5/0x130
[  421.678535][T23390]  proc_fail_nth_read+0x10e/0x150
[  421.678560][T23390]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  421.678585][T23390]  vfs_read+0x1a5/0x770
[  421.678604][T23390]  ? __rcu_read_unlock+0x4f/0x70
[  421.678693][T23390]  ? __fget_files+0x184/0x1c0
[  421.678714][T23390]  ? finish_task_switch+0xad/0x2b0
[  421.678737][T23390]  ksys_read+0xda/0x1a0
[  421.678828][T23390]  __x64_sys_read+0x40/0x50
[  421.678845][T23390]  x64_sys_call+0x27bc/0x2ff0
[  421.678867][T23390]  do_syscall_64+0xd2/0x200
[  421.678893][T23390]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  421.678945][T23390]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  421.678985][T23390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.679110][T23390] RIP: 0033:0x7f19b9b0d5fc
[  421.679126][T23390] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  421.679144][T23390] RSP: 002b:00007f19b856f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  421.679233][T23390] RAX: ffffffffffffffda RBX: 00007f19b9d35fa0 RCX: 00007f19b9b0d5fc
[  421.679247][T23390] RDX: 000000000000000f RSI: 00007f19b856f0a0 RDI: 0000000000000004
[  421.679320][T23390] RBP: 00007f19b856f090 R08: 0000000000000000 R09: 0000000000000000
[  421.679334][T23390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.679347][T23390] R13: 00007f19b9d36038 R14: 00007f19b9d35fa0 R15: 00007ffd788cf088
[  421.679366][T23390]  </TASK>
[  421.681395][T23392] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  421.905348][T23392] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  421.915829][T23392] EXT4-fs (loop5): 1 truncate cleaned up
[  421.940395][T23392] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 4: comm syz.5.6539: lblock 0 mapped to illegal pblock 4 (length 1)
[  421.975006][T23392] EXT4-fs (loop5): Remounting filesystem read-only
[  422.010912][T23403] loop2: detected capacity change from 0 to 128
[  422.077389][T23409] FAULT_INJECTION: forcing a failure.
[  422.077389][T23409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.090902][T23409] CPU: 0 UID: 0 PID: 23409 Comm: syz.6.6545 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  422.090932][T23409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  422.090946][T23409] Call Trace:
[  422.091002][T23409]  <TASK>
[  422.091011][T23409]  __dump_stack+0x1d/0x30
[  422.091034][T23409]  dump_stack_lvl+0xe8/0x140
[  422.091053][T23409]  dump_stack+0x15/0x1b
[  422.091070][T23409]  should_fail_ex+0x265/0x280
[  422.091106][T23409]  should_fail+0xb/0x20
[  422.091124][T23409]  should_fail_usercopy+0x1a/0x20
[  422.091144][T23409]  _copy_from_user+0x1c/0xb0
[  422.091166][T23409]  restore_altstack+0x4b/0x2d0
[  422.091200][T23409]  ? __set_task_blocked+0x23a/0x2a0
[  422.091223][T23409]  __ia32_sys_rt_sigreturn+0xdc/0x350
[  422.091245][T23409]  ? _raw_spin_unlock_irq+0x26/0x50
[  422.091271][T23409]  ? signal_setup_done+0x266/0x290
[  422.091286][T23409]  ? xfd_validate_state+0x45/0xf0
[  422.091344][T23409]  ? fpu__clear_user_states+0x63/0x1e0
[  422.091368][T23409]  ? fpregs_mark_activate+0x66/0x140
[  422.091405][T23409]  ? fpu__clear_user_states+0x63/0x1e0
[  422.091485][T23409]  ? arch_do_signal_or_restart+0x2f3/0x480
[  422.091504][T23409]  ? __rcu_read_unlock+0x4f/0x70
[  422.091528][T23409]  x64_sys_call+0x2d3c/0x2ff0
[  422.091550][T23409]  do_syscall_64+0xd2/0x200
[  422.091643][T23409]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  422.091668][T23409]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  422.091693][T23409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.091715][T23409] RIP: 0033:0x7f589df1add9
[  422.091732][T23409] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  422.091788][T23409] RSP: 002b:00007f589c9c5a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  422.091809][T23409] RAX: ffffffffffffffda RBX: 00007f589e1a6090 RCX: 00007f589df1add9
[  422.091822][T23409] RDX: 00007f589c9c5a80 RSI: 00007f589c9c5bb0 RDI: 0000000000000021
[  422.091833][T23409] RBP: 00007f589c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  422.091844][T23409] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  422.091887][T23409] R13: 00007f589e1a6128 R14: 00007f589e1a6090 R15: 00007ffd71c5eb18
[  422.091906][T23409]  </TASK>
[  422.523223][T23402] Set syz1 is full, maxelem 65536 reached
[  422.562790][T23418] loop0: detected capacity change from 0 to 512
[  422.576148][T23418] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  422.585699][T23418] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  422.596828][T23418] EXT4-fs (loop0): 1 truncate cleaned up
[  422.624260][T23418] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6548: lblock 0 mapped to illegal pblock 4 (length 1)
[  422.639313][T23418] EXT4-fs (loop0): Remounting filesystem read-only
[  422.905688][T23418] Set syz1 is full, maxelem 65536 reached
[  423.232659][T23447] FAULT_INJECTION: forcing a failure.
[  423.232659][T23447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  423.246150][T23447] CPU: 1 UID: 0 PID: 23447 Comm: syz.4.6557 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  423.246181][T23447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  423.246193][T23447] Call Trace:
[  423.246202][T23447]  <TASK>
[  423.246210][T23447]  __dump_stack+0x1d/0x30
[  423.246280][T23447]  dump_stack_lvl+0xe8/0x140
[  423.246296][T23447]  dump_stack+0x15/0x1b
[  423.246310][T23447]  should_fail_ex+0x265/0x280
[  423.246396][T23447]  should_fail+0xb/0x20
[  423.246414][T23447]  should_fail_usercopy+0x1a/0x20
[  423.246433][T23447]  _copy_to_user+0x20/0xa0
[  423.246455][T23447]  simple_read_from_buffer+0xb5/0x130
[  423.246555][T23447]  proc_fail_nth_read+0x10e/0x150
[  423.246580][T23447]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  423.246602][T23447]  vfs_read+0x1a5/0x770
[  423.246619][T23447]  ? __rcu_read_unlock+0x4f/0x70
[  423.246701][T23447]  ? __fget_files+0x184/0x1c0
[  423.246727][T23447]  ksys_read+0xda/0x1a0
[  423.246775][T23447]  __x64_sys_read+0x40/0x50
[  423.246792][T23447]  x64_sys_call+0x27bc/0x2ff0
[  423.246810][T23447]  do_syscall_64+0xd2/0x200
[  423.246891][T23447]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  423.246968][T23447]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  423.246993][T23447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.247014][T23447] RIP: 0033:0x7faafeb4d5fc
[  423.247031][T23447] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  423.247049][T23447] RSP: 002b:00007faafd5af030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  423.247121][T23447] RAX: ffffffffffffffda RBX: 00007faafed75fa0 RCX: 00007faafeb4d5fc
[  423.247134][T23447] RDX: 000000000000000f RSI: 00007faafd5af0a0 RDI: 0000000000000005
[  423.247147][T23447] RBP: 00007faafd5af090 R08: 0000000000000000 R09: 0000000000000000
[  423.247159][T23447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.247169][T23447] R13: 00007faafed76038 R14: 00007faafed75fa0 R15: 00007ffdfbf96cd8
[  423.247199][T23447]  </TASK>
[  423.588711][T23455] loop5: detected capacity change from 0 to 512
[  423.596456][T23455] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  423.605359][T23455] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  423.614108][T23455] EXT4-fs (loop5): 1 truncate cleaned up
[  423.627696][T23455] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 4: comm syz.5.6561: lblock 0 mapped to illegal pblock 4 (length 1)
[  423.642070][T23455] EXT4-fs (loop5): Remounting filesystem read-only
[  423.776667][T23465] loop5: detected capacity change from 0 to 128
[  423.776934][T23467] loop2: detected capacity change from 0 to 512
[  423.793795][T23467] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  423.810585][T23467] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  423.829724][T23467] EXT4-fs (loop2): 1 truncate cleaned up
[  423.860488][T23472] bio_check_eod: 15740 callbacks suppressed
[  423.860503][T23472] syz.5.6565: attempt to access beyond end of device
[  423.860503][T23472] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  423.861467][T23467] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6566: lblock 0 mapped to illegal pblock 4 (length 1)
[  423.874662][T23472] syz.5.6565: attempt to access beyond end of device
[  423.874662][T23472] loop5: rw=2049, sector=169, nr_sectors = 16 limit=128
[  423.881489][T23467] EXT4-fs (loop2): Remounting filesystem read-only
[  423.895959][T23472] syz.5.6565: attempt to access beyond end of device
[  423.895959][T23472] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  423.927793][T23472] syz.5.6565: attempt to access beyond end of device
[  423.927793][T23472] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  423.941366][T23472] syz.5.6565: attempt to access beyond end of device
[  423.941366][T23472] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  423.959261][T23472] syz.5.6565: attempt to access beyond end of device
[  423.959261][T23472] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  423.980096][T23472] syz.5.6565: attempt to access beyond end of device
[  423.980096][T23472] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  423.993839][T23472] syz.5.6565: attempt to access beyond end of device
[  423.993839][T23472] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  424.008349][T23472] syz.5.6565: attempt to access beyond end of device
[  424.008349][T23472] loop5: rw=2049, sector=289, nr_sectors = 8 limit=128
[  424.023488][T23472] syz.5.6565: attempt to access beyond end of device
[  424.023488][T23472] loop5: rw=2049, sector=305, nr_sectors = 8 limit=128
[  424.096914][T23480] loop6: detected capacity change from 0 to 2048
[  424.114501][T23484] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  424.126797][T23488] FAULT_INJECTION: forcing a failure.
[  424.126797][T23488] name failslab, interval 1, probability 0, space 0, times 0
[  424.127297][T23484] loop2: detected capacity change from 0 to 1024
[  424.139693][T23488] CPU: 1 UID: 0 PID: 23488 Comm: syz.0.6569 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  424.139724][T23488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  424.139734][T23488] Call Trace:
[  424.139741][T23488]  <TASK>
[  424.139810][T23488]  __dump_stack+0x1d/0x30
[  424.139831][T23488]  dump_stack_lvl+0xe8/0x140
[  424.139850][T23488]  dump_stack+0x15/0x1b
[  424.139941][T23488]  should_fail_ex+0x265/0x280
[  424.140018][T23488]  should_failslab+0x8c/0xb0
[  424.140041][T23488]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  424.140071][T23488]  ? rds_rm_size+0x2bd/0x490
[  424.140156][T23488]  krealloc_noprof+0xb9/0x2d0
[  424.140188][T23488]  rds_rm_size+0x2bd/0x490
[  424.140213][T23488]  rds_sendmsg+0x842/0x14a0
[  424.140245][T23488]  ? __pfx_rds_sendmsg+0x10/0x10
[  424.140268][T23488]  __sock_sendmsg+0x142/0x180
[  424.140358][T23488]  ____sys_sendmsg+0x31e/0x4e0
[  424.140381][T23488]  ___sys_sendmsg+0x17b/0x1d0
[  424.140412][T23488]  __x64_sys_sendmsg+0xd4/0x160
[  424.140436][T23488]  x64_sys_call+0x191e/0x2ff0
[  424.140503][T23488]  do_syscall_64+0xd2/0x200
[  424.140527][T23488]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  424.140551][T23488]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  424.140575][T23488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.140655][T23488] RIP: 0033:0x7f19b9b0ebe9
[  424.140670][T23488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.140777][T23488] RSP: 002b:00007f19b856f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  424.140796][T23488] RAX: ffffffffffffffda RBX: 00007f19b9d35fa0 RCX: 00007f19b9b0ebe9
[  424.140809][T23488] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  424.140884][T23488] RBP: 00007f19b856f090 R08: 0000000000000000 R09: 0000000000000000
[  424.140896][T23488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.140908][T23488] R13: 00007f19b9d36038 R14: 00007f19b9d35fa0 R15: 00007ffd788cf088
[  424.140927][T23488]  </TASK>
[  424.219285][T23480]  loop6: p2 p3 p7
[  424.224070][T23484] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  424.288313][T23495] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6576'.
[  424.386658][T23500] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6577'.
[  424.391385][T23484] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6573'.
[  424.427789][T23502] loop6: detected capacity change from 0 to 2048
[  424.433345][T23504] loop2: detected capacity change from 0 to 1024
[  424.441082][T23504] EXT4-fs: Ignoring removed orlov option
[  424.447730][T23502] EXT4-fs (loop6): failed to initialize system zone (-117)
[  424.455029][T23502] EXT4-fs (loop6): mount failed
[  424.479687][T23509] loop6: detected capacity change from 0 to 128
[  424.512383][T23511] lo speed is unknown, defaulting to 1000
[  424.571943][T23517] loop6: detected capacity change from 0 to 1024
[  424.579005][T23517] EXT4-fs: Ignoring removed orlov option
[  424.588521][T23517] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6583: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  424.606333][T23517] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6583: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  424.736513][T23528] loop2: detected capacity change from 0 to 512
[  424.780157][T23528] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  424.819205][T23528] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  424.856905][T23528] EXT4-fs (loop2): 1 truncate cleaned up
[  424.883774][T23528] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6587: lblock 0 mapped to illegal pblock 4 (length 1)
[  424.905415][T23528] EXT4-fs (loop2): Remounting filesystem read-only
[  424.975131][T23535] loop6: detected capacity change from 0 to 512
[  424.990855][T23535] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  425.010022][T23535] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  425.024745][T23535] EXT4-fs (loop6): 1 truncate cleaned up
[  425.037138][T23537] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  425.055307][T23542] loop0: detected capacity change from 0 to 128
[  425.071367][T23537] loop2: detected capacity change from 0 to 1024
[  425.100650][T23537] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  425.153022][T23549] lo speed is unknown, defaulting to 1000
[  425.199149][   T29] kauditd_printk_skb: 134 callbacks suppressed
[  425.199165][   T29] audit: type=1326 audit(1755399571.936:15751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.230352][   T29] audit: type=1326 audit(1755399571.936:15752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.262974][T23555] loop5: detected capacity change from 0 to 2048
[  425.274941][T23557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6590'.
[  425.288115][   T29] audit: type=1326 audit(1755399571.996:15753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.312563][   T29] audit: type=1326 audit(1755399571.996:15754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.336438][   T29] audit: type=1326 audit(1755399571.996:15755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.360852][   T29] audit: type=1326 audit(1755399571.996:15756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.384530][   T29] audit: type=1326 audit(1755399571.996:15757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.408345][   T29] audit: type=1326 audit(1755399571.996:15758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.432023][   T29] audit: type=1326 audit(1755399571.996:15759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.455793][   T29] audit: type=1326 audit(1755399571.996:15760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23554 comm="syz.5.6596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88e73ebe9 code=0x7ffc0000
[  425.515727][T23561] loop2: detected capacity change from 0 to 1024
[  425.523075][T23561] EXT4-fs: Ignoring removed orlov option
[  425.600317][T23566] loop4: detected capacity change from 0 to 512
[  425.652369][T23535] Set syz1 is full, maxelem 65536 reached
[  425.661447][T23555] EXT4-fs (loop5): failed to initialize system zone (-117)
[  425.668740][T23555] EXT4-fs (loop5): mount failed
[  425.674652][T23566] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  425.682943][T23566] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  425.706358][T23566] EXT4-fs (loop4): 1 truncate cleaned up
[  425.712260][T23572] loop5: detected capacity change from 0 to 1024
[  425.718988][T23572] EXT4-fs: Ignoring removed orlov option
[  425.733154][T23566] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6599: lblock 0 mapped to illegal pblock 4 (length 1)
[  425.749616][T23566] EXT4-fs (loop4): Remounting filesystem read-only
[  425.776529][T23572] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6600: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  425.809598][T23572] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6600: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  425.841537][T23580] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6603'.
[  426.086319][T23593] lo speed is unknown, defaulting to 1000
[  426.120876][T23595] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  426.163253][T23595] loop5: detected capacity change from 0 to 1024
[  426.181730][T23595] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  426.240625][T23595] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6607'.
[  426.325280][T23609] loop5: detected capacity change from 0 to 512
[  426.347483][T23609] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  426.362873][T23609] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  426.379918][T23609] EXT4-fs (loop5): 1 truncate cleaned up
[  426.397279][T23612] loop2: detected capacity change from 0 to 2048
[  426.425969][T23612] EXT4-fs (loop2): failed to initialize system zone (-117)
[  426.433392][T23612] EXT4-fs (loop2): mount failed
[  426.454327][T23616] loop5: detected capacity change from 0 to 1024
[  426.465041][T23616] EXT4-fs: Ignoring removed orlov option
[  426.476542][T23618] loop2: detected capacity change from 0 to 512
[  426.485112][T23618] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  426.493266][T23618] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  426.502194][T23618] EXT4-fs (loop2): 1 truncate cleaned up
[  426.515301][T23618] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.6614: lblock 0 mapped to illegal pblock 4 (length 1)
[  426.529710][T23618] EXT4-fs (loop2): Remounting filesystem read-only
[  426.588557][T23625] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6616'.
[  426.631778][T23629] loop6: detected capacity change from 0 to 1024
[  426.638620][T23629] EXT4-fs: Ignoring removed orlov option
[  426.661871][T23629] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6618: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  426.695417][T23629] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6618: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  426.819943][T23636] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  426.862062][T23636] loop5: detected capacity change from 0 to 1024
[  426.879407][T23636] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  426.888046][T23641] lo speed is unknown, defaulting to 1000
[  426.906079][T23636] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6620'.
[  426.982040][T23650] loop5: detected capacity change from 0 to 512
[  426.997927][T23650] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  427.009622][T23650] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  427.019252][T23650] EXT4-fs (loop5): 1 truncate cleaned up
[  427.043520][T23653] loop6: detected capacity change from 0 to 512
[  427.052229][T23653] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  427.077477][T23653] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  427.098382][T23653] EXT4-fs (loop6): 1 truncate cleaned up
[  427.125732][T23653] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6625: lblock 0 mapped to illegal pblock 4 (length 1)
[  427.154961][T23653] EXT4-fs (loop6): Remounting filesystem read-only
[  427.216659][T23662] loop5: detected capacity change from 0 to 2048
[  427.236918][T23662] EXT4-fs (loop5): failed to initialize system zone (-117)
[  427.244171][T23662] EXT4-fs (loop5): mount failed
[  427.277615][T23666] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6629'.
[  427.298429][T23669] loop6: detected capacity change from 0 to 1024
[  427.317316][T23669] EXT4-fs: Ignoring removed orlov option
[  427.451449][T23678] lo speed is unknown, defaulting to 1000
[  427.519127][T23684] tipc: Started in network mode
[  427.524034][T23684] tipc: Node identity ac14140f, cluster identity 4711
[  427.544034][T23684] tipc: New replicast peer: 255.255.255.83
[  427.549942][T23684] tipc: Enabled bearer <udp:£>, priority 10
[  427.581076][T23688] loop4: detected capacity change from 0 to 1024
[  427.603613][T23688] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  427.626513][T23684] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6635'.
[  427.640122][T23691] loop6: detected capacity change from 0 to 1024
[  427.664651][T23684] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  427.672058][T23691] EXT4-fs: Ignoring removed orlov option
[  427.672156][T23684] batman_adv: batadv0: Removing interface: batadv_slave_0
[  427.686662][T23684] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  427.694047][T23684] batman_adv: batadv0: Removing interface: batadv_slave_1
[  427.709634][T23691] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6637: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  427.727070][T23691] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz.6.6637: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  427.878564][T23696] loop4: detected capacity change from 0 to 512
[  427.894913][T23696] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  427.908479][T23696] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  427.917608][T23696] EXT4-fs (loop4): 1 truncate cleaned up
[  427.930504][T23696] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6638: lblock 0 mapped to illegal pblock 4 (length 1)
[  427.947185][T23696] EXT4-fs (loop4): Remounting filesystem read-only
[  427.960702][T23701] loop0: detected capacity change from 0 to 512
[  427.970074][T23701] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  427.978390][T23701] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  427.988706][T23701] EXT4-fs (loop0): 1 truncate cleaned up
[  428.005732][T23701] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 4: comm syz.0.6640: lblock 0 mapped to illegal pblock 4 (length 1)
[  428.025065][T23701] EXT4-fs (loop0): Remounting filesystem read-only
[  428.088996][T23708] loop6: detected capacity change from 0 to 512
[  428.097965][T23708] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  428.117639][T23708] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  428.134691][T23708] EXT4-fs (loop6): 1 truncate cleaned up
[  428.178373][T23716] lo speed is unknown, defaulting to 1000
[  428.296269][T23724] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  428.308953][T23727] loop6: detected capacity change from 0 to 1024
[  428.320104][T23724] loop5: detected capacity change from 0 to 1024
[  428.327986][T23724] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  428.437847][T23737] loop4: detected capacity change from 0 to 512
[  428.457942][T23737] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  428.474698][T23737] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  428.490348][T23745] loop5: detected capacity change from 0 to 1024
[  428.500853][T23737] EXT4-fs (loop4): 1 truncate cleaned up
[  428.507071][T23745] EXT4-fs: Ignoring removed orlov option
[  428.517484][T23745] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6654: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  428.552646][T23737] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 4: comm syz.4.6651: lblock 0 mapped to illegal pblock 4 (length 1)
[  428.567219][T23745] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.6654: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  428.585585][T23737] EXT4-fs (loop4): Remounting filesystem read-only
[  428.607802][T23751] loop6: detected capacity change from 0 to 512
[  428.617411][T23751] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  428.634799][T23751] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  428.647040][T23751] EXT4-fs (loop6): 1 truncate cleaned up
[  428.674677][   T23] tipc: Node number set to 2886997007
[  428.686952][T23751] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.6656: lblock 0 mapped to illegal pblock 4 (length 1)
[  428.701848][T23757] lo speed is unknown, defaulting to 1000
[  428.746027][T23751] EXT4-fs (loop6): Remounting filesystem read-only
[  428.766754][T23745] ==================================================================
[  428.775095][T23745] BUG: KCSAN: data-race in filemap_read / filemap_read
[  428.781934][T23745] 
[  428.784340][T23745] write to 0xffff888104ab52e8 of 8 bytes by task 23753 on cpu 1:
[  428.792137][T23745]  filemap_read+0x974/0xa00
[  428.796628][T23745]  generic_file_read_iter+0x79/0x330
[  428.801912][T23745]  ext4_file_read_iter+0x1cc/0x290
[  428.807057][T23745]  copy_splice_read+0x43f/0x660
[  428.812026][T23745]  splice_direct_to_actor+0x290/0x680
[  428.817417][T23745]  do_splice_direct+0xda/0x150
[  428.822168][T23745]  do_sendfile+0x380/0x650
[  428.826591][T23745]  __x64_sys_sendfile64+0x105/0x150
[  428.831773][T23745]  x64_sys_call+0x2bb0/0x2ff0
[  428.836445][T23745]  do_syscall_64+0xd2/0x200
[  428.840934][T23745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.846823][T23745] 
[  428.849130][T23745] read to 0xffff888104ab52e8 of 8 bytes by task 23745 on cpu 0:
[  428.856845][T23745]  filemap_read+0x6f/0xa00
[  428.861247][T23745]  generic_file_read_iter+0x79/0x330
[  428.866519][T23745]  ext4_file_read_iter+0x1cc/0x290
[  428.871622][T23745]  copy_splice_read+0x43f/0x660
[  428.876468][T23745]  splice_direct_to_actor+0x290/0x680
[  428.881840][T23745]  do_splice_direct+0xda/0x150
[  428.886606][T23745]  do_sendfile+0x380/0x650
[  428.891015][T23745]  __x64_sys_sendfile64+0x105/0x150
[  428.896208][T23745]  x64_sys_call+0x2bb0/0x2ff0
[  428.900883][T23745]  do_syscall_64+0xd2/0x200
[  428.905409][T23745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.911310][T23745] 
[  428.913633][T23745] value changed: 0x000000000000031d -> 0x000000000000031e
[  428.920729][T23745] 
[  428.923072][T23745] Reported by Kernel Concurrency Sanitizer on:
[  428.929220][T23745] CPU: 0 UID: 0 PID: 23745 Comm: syz.5.6654 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  428.941804][T23745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  428.951909][T23745] ==================================================================