last executing test programs:

1m34.165231661s ago: executing program 0 (id=41):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400}) (fail_nth: 3)

1m33.660682498s ago: executing program 0 (id=46):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x4, &(0x7f0000000000)=[{0x8b53, 0x53, 0x7, 0x80000001}, {0x0, 0x40, 0x3, 0xff}, {0x5, 0xf, 0x4, 0x9}, {0x5, 0x0, 0xe2, 0x8000000}]}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', &(0x7f0000000180)=""/10, 0xa)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0xa})
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)

1m33.617845089s ago: executing program 0 (id=47):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001680)=ANY=[@ANYBLOB="05000000010000008e000000c9"], 0x48) (fail_nth: 3)

1m33.485878991s ago: executing program 0 (id=51):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x6, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, @perf_config_ext={0x2, 0xc}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x40020005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000400)='./file1\x00', 0x3000000, &(0x7f00000003c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file1\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x516, &(0x7f0000000740)="$eJzs3c9vG1kdAPCvnV9umm6ysIcFAVuWhYKq2om7G632wnJBQqvVIi2cEGqjxI2i2HEUO6UJkUjPXJGoxAn+BA5IHJB64s4NblzKAalABWqQEPJq7HGbOHFiNXHcxp+PNPJ7MxN/v8/SvBc/2/MCGFpXI2I3IsYj4nZETKf7M+kWH7a25LynT3YW957sLGai0fj0n6PpmTuL7fPbLqfPmYv4JKlPHBG3trW9ulAulzbSeqFeWS/UtrZvrFQWlkvLpbVicX5ufvb9m+8Vz6ytb1V++/i7Kx/98A+///KjP+1+66dJzt9OjyVtO7NA+7Rel7GY2rcveeU+6kewARhJ2zM+6ER4IdmI+FxEvJ2Wn8kNLicAoL8ajeloTO+vd5fp4RwA4OWXvOefikw2n77/n4psNp9vzuHl3ojJbLlaq1+/U91cW4rmHNZMjGXvrJRLs+lc4UyMZZL6XLP8vF7sqN+MiNcj4hcTl5r1/GK1vDSof3oAYMhd7hj//zPRGv974BMCAHiVGckBYPgcHv/HBpIHAHB+vP8HgOGzb/w/6re6AMAFlOv47T8AcPGdOP//Zvzsx+eTCgBwTnz+DwBD5fsff5xsjb30/tdLd7c2V6t3byyVaqv5yuZifrG6sZ5frlaXm/fsqZz0fOVqdX3u3di8V6iXavVCbWv7VqW6uVa/1byv962SHxYAwOC9/tbDv2QiYveDS80t2ms5+EIAXHgucxheI4NOABiY0UEnAAyM+Xggc8Lxrl8RetD9by6dIh+g/659ocv8//H/G/y/cT7pAX1k/h+G1+nm/80ewKvM/D8Mr0YjYz1/ABgyPbyD9xVBuOBe+PN/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGGJTzS2TzadrgU9FNpvPR1yJiJkYy9xZKZdmI+K1iPjzxNhEUp8bdNIAwCll/55J1/+6Nv3OVOfR8cx/J5qPEfGTX336y3sL9frGXLL/X8/21x+k+4tHBpjofxsAgH1GO3e0x+n2ON5e3/fpk53F9naeCT7+Tmtx0STuXrq1U28ln4uxiJj8d+ZAYzJntDDx7v2IeLOz/dlnx2fSlU874yexr/QtfjRbOHUgfvZA/GzzWOsxeS0+fwa5wLB5mPQ/Hx51/WXjavMxvf4yBzvTXPz8cOf6Atr9316js/9rXe+fXMk1+5qj+r+rvcZ494/f63rs/kjji6MRe4f63/aK0Llm6aj47/QY/69f+srb3Y41fh1xLY6L3yoV6pX1Qm1r+8ZKZWG5tFxaKxbn5+Zn37/5XrHQnKMutGeqD/vHB9df697+iMku8XMntP/rPbb/N/+7/aOvHhP/m187Kn423jgmfjImfqPH+AuTv+u6fHcSf6lL+0cPxB8/8HfJvus9xn/0t+2lHk8FAM5BbWt7daFcLm0onLaQ69czX35JGqhwTGEkyu35qJcin1MXBtwxAX33/KIfdCYAAAAAAAAAAAAAAEA3tR+kt/zr44/hBt1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq7PAgAA//+iDcmp")
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
open(&(0x7f0000000180)='./bus\x00', 0x169a7c, 0x41)
capset(&(0x7f0000000a40)={0x20071026}, &(0x7f0000000280)={0x7, 0x3, 0xfffffffc, 0xa8, 0x2, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x15, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="dbaa00fea000000071100200000000000000000000c994ba82f53c74a4e413cb173280bf06000000000000008eb54a0f77d803074b2ca40fba0be720aad24ae38f019df674fcb505a4d87ee1f4cb96afa9f1fcef07506d5453348e2c0bbf3e1ec134bfa209dd67cb74f46f26b2630905caaeeb7290e10fdcd0cb7f03928008e12a8d2ff8ba9d8ff867aa8bff030000a9f728fa9afea5f2505bceb27ac15c8eee84ed65a552ec0944fb4c3d287bef707dd5b02655318f49ae951dd33ce48e86b7c4edf3b06b22acc22b7b32f5b911c09797d7c27f69a7e05c61898f046a9b7fcc3ecc0dc1d6666c8168c0a002000a5e23b6423bc30317fd3eac5217c4a26e2c83e2193d2a0ae56412a1a5720c9ac6b611ff3d0aafb1ddcdf30f11581d8b7305abd76fd8abaa3a53e78a0100ce2af9ba7f2765fb01ca357f1983d5e47860f161cc3ba8d4f6d42929ba8cffabec57ae2b23dc489a112f415737c3fe47d50ea5308f7253e3f5441e31e3cfecec98ec3a9a0b4f3bc602f55faf179d1911eac50671bdd0524616edc65adae5e517869af358870384dda7dad3888146442108265c3d859fc3d2c77cd5f46e168cd6fa5f02533dfd2b74a451b8cd176098027c7af3e7c6d8c45a42f0d70785cf5794915d7b8e11077ef89b05d9a51c23b58bd8cc8d910f3305e8350f647c9bbece9ba891433065800360bdc1dcbc956c52949de39a380fd51ff87c38a5d702e7145a95b8970dfb2a07b23ee989cf4fee23f434ff65ea27e8f68e9e2356f2bb036c9896f04f0ef1cde81fdf37fb73ab5e5bf511ecffe7670ac2d7a976334a1e155897b159ccf7d69c2501e4406bda4dee1a05575cb8ca372d871d1c08a6799e109954d83ccbf097bee3cfc99ca946afc3b8fa0388967f6bd20fffaa8475b062babf5a9784411a8f681231d6c4b8b58d34a68eba0ea5477df06cf784112b27ec711254b4d659a6c0ed191f5602412ce16df5e61234491f77abfdae3aa01e67bbc072c3ff344133d5374a19c6bc75fdc57d0ced1d8b969d9af6640f1d318f443784c3453eac28b42aa63e082fd6cca5feaf4e5b0a8289eb744011db370e0789b0c68e1b19fc4fd0b3e579d203005554abb82ecb1b367b5357d887cff9f70850ab876d7e57f3e9314fa40c0bfbfffffffff84aacbd218b03d0cc81c31b5749827ba71ebda5ca9aa6597e19da486b7c07f88de7b7923c60e9ba4e0f80de7a95d9af1950e65b6f79c5e54e7b48a4c4c1487da80622ded32871157d048d084ce7073d11ca639edf531dfc5a39719ea7f3998b9c7cdb3aa733224e2d276598db78cea45d808d6a0c50582914545b387d18036a4c0d682a2437d5439f1ab7c9894ed968fe2690d67e127de115baa36de7ff304a6000ba2c42e11a5a8a2ce8fb7ec08d5a42e1c2cc5a7e48441ba4a9b3a64170031fb685688004227cf250d3eceecbe7d0d02d942fb92d1a81336feaf17495f7689f0df2e01d842b2d25946b9a0607a98e0f625000abbc882eff65830073400c4cbc27042d2ef9152128defe252b1ab3079d371aecf96f18068322990eda7e188d9ada9ab2ee1292846d28438d632f3f0e458e052301da2aab1123f973841ce49e2c3e8234f2438620b73eec69fc3a3d533c25b942a4f78b"], &(0x7f0000000480)='syzkaller\x00', 0x40000005, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000080)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="200000002000ff07090f9becdb4cb96b0a000000ff000001000000007bffd290", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4000002)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/kexec_crash_loaded', 0xc0642, 0x1f6)
sendfile(r2, r2, 0x0, 0x6)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, '\x00', 0x3a}}}, 0x0, 0x0, 0x38, 0x0, "0f424a2bc651a9f11381328af8daf6f4bd2827984afeb6b627cea1ba22d1af57aa193c5024c9e8b22a8796a538ed893952a1aa555418ba1b4d0bc0712c028ec32a9bc2fb29b52d39e8626bc90abcc02a"}, 0xd8)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040))
socket(0x1e, 0x5, 0x0)
mbind(&(0x7f0000978000/0x2000)=nil, 0x2000, 0x4, 0x0, 0x4000000000000000, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000040000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

1m32.990263929s ago: executing program 0 (id=54):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r0, 0x0, 0xfffffffff7fffffe}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0xe0, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00'}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1m32.063800993s ago: executing program 0 (id=62):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x4, 0x7, 0xff, 0x8, 0x0, 0x1bff, 0x1680, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000040), 0x3}, 0x18091, 0x4, 0x1, 0x2, 0x200, 0x6, 0x21, 0x0, 0xd, 0x0, 0xad16}, 0xffffffffffffffff, 0xe, r0, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r2, &(0x7f0000000140)='./file0\x00')

1m32.025209123s ago: executing program 32 (id=62):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x4, 0x7, 0xff, 0x8, 0x0, 0x1bff, 0x1680, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000040), 0x3}, 0x18091, 0x4, 0x1, 0x2, 0x200, 0x6, 0x21, 0x0, 0xd, 0x0, 0xad16}, 0xffffffffffffffff, 0xe, r0, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r2, &(0x7f0000000140)='./file0\x00')

1.871944551s ago: executing program 1 (id=1774):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

1.797741872s ago: executing program 5 (id=1776):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="10", 0x1, r2)

1.770028422s ago: executing program 5 (id=1777):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000340), &(0x7f0000000040)}, 0x20)
socket$packet(0x11, 0xa, 0x300)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r5}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x803, 0x0)
add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x22)
getsockname$packet(r6, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB="80000000100039042abd7000eafefffff7ff02e4", @ANYRES32=r8, @ANYBLOB="03000000c31006006000128008000100736974005400028008000100", @ANYRES32=r7], 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r0, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff14000280080006000200000008000900080000000800040002000000600001"], 0xc4}}, 0x4008800)

1.649733004s ago: executing program 2 (id=1778):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)='.\x00\x00', 0x3}], 0x1}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
keyctl$clear(0x7, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000004c0)={[{@dax_always}, {@max_batch_time={'max_batch_time', 0x3d, 0x14a2ecd8}}]}, 0xfc, 0x59c, &(0x7f0000001500)="$eJzs3e9rJGcdAPDvbHbz4y6aKH1RhdbDFu6KXnLp2TaI9k4Q3xWU6usz5PZCuE32SDZtEw7N4R8giNiCb/SVbwT/AEHuTyiCYN+LFeXQq4JFtCMzO5vspTu3SS67q8nnA5N5duaZ+X6f2d3Z2ZlnMwGcWRci4npEjEXECxExU0yvFEPstoes3gcP7y5nQxJp+vpfk0iKaVm1JGIsKZY9Xyw22R49aqo92tzeub3UaNQ3isnzrbU785vbO5dX15ZW6iv19atXF15efGXxpcUrJ9LOrF2vfv1PP/nhL77x6m+++OYfbvzl0veyfKeL+Z12nLT2Nqll22JPNSI2BhFsBMaK9vwrbetdqzrstAAAKJEd4386Ij6fH//PxFifY7XxrnIy8OwAAACAk5Bem45/JxHpEdWOvAQAAAAwKpW8D2xSmSv6AkxHpTI31+7D+1ScqzSam60v3Gpurd9s95WdjVrl1mqjfiXvUzsREbUke7ywd0ah/fjFvG42JI/0Af7xzFQ+f2652bg5ihMeAAAAcAadP/D9/x8z7e//AAAAwCkzW4zPjTgPAAAAYHBmR50AAAAAMHDH+P4/Pog8AAAAgIH45muvZUPauf/1zTe2t24337h8s755e25ta3luublxZ26l2VxppBMRa/3W12g273wp1rfemm/VN1vzm9s7N9aaW+utG6uP3AIbAAAAGKJPfe7+e0lE7H55Kh+ic21/rGQBvxWAU6NyyHpp9uf9weYCDFfZxzxw+lUfP7usm+/EIHIBhqvWHiWjzgMYnX47gMmyGu8eK5yfDwEAwAhc/Mz999Lk49f/q/vnBoBT6rDX/4HTp+T6fzoz7ESAoSu9/t+nYwDw/6+mByCcef2v/5d4N591vX+ENO27LgAAYKCm8yGpzBXXAqej8mHaFrNRS26tNupXIuKTEfH7mdpE9nghXzLxowEAAAAAAAAAAAAAAAAAAAAAAAAAOKQ0TSI9huqxlgIAAABGIaLy56S4D/DFmeenD54fGE8+zG8F/FGapm/+9PW331pqtTYWsul/y6ePR0TrnWz6+ChOXwAAAABdOnf5z7+/v1gbcTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFYfPLy73BmGGffB1yJitlf8akzm48moRcS5vydR7VouiYixE4i/ey8inu4VP8nSitkii4PxKxExlWfxxPErRbEs/jNpmvaMf/6Jo8PZdj/b/1zv9f6vxIV83Pv9X20P1540fmf/d75rH9yJ39n/je3F/+pe8GzP84lDxvjs73413/XwO/vFifb8au/9Xyd+UrL/fa5XsOrHJ3332zs7ZbmlP4+42Gl7GhFd8btjzbfW7sxvbu9cXl1bWqmv1NevXl14efGVxZcWr8zfWm3Ui7/7K3473Sv+6Jlff1QW/8GFiHMR6czDu8vjnZyKD5bZ9ugryV4q44/k9HxWqJWted9/9hfrrp2v9cG9iEvP7W3/9Ptdz//T+bjn9v/ZP9Nc/jmQzb9YfCYku+1yRPHyjYhnf/nbZ0vbf2+yKB39+b/Uv+m5F771gz8esioAMASb2zu3lxqN+sbAC++kaXq4ytlRaXmdtDga60xJInYP1skO4E64FVMRUTIrYicm96ZMFVs1Drvmp0pTfX8qYkjPzlEL145SOZ040ost2f0faOAZLoznL8iR7pYAAIAB2D/6H3UmAAAAAAAAAAAAAAAAAAAAcHYN4/+KHYy5O5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA81n8DAAD//x3CzJ0=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x533201, 0x80)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="796104000000000000007e000000a46a589a21f9714f4125aec6662c8d27a3c0192f1384239b2f"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x300000000000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000080)='kmem_cache_free\x00', r8, 0x0, 0x800000001}, 0x18)
socket$kcm(0x2, 0x2, 0x73)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x15000022}, 0xc, &(0x7f0000000540)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="94020000", @ANYRES16=r9, @ANYBLOB="000326bd7000ffdbdf253a000000080003", @ANYRES8, @ANYBLOB="0c00990000f0ff0054000000cd005b00a009927e4ade9fb1505ae1ad7ff3e114b079cf22d2afe2adf220a93be60c2d8fd149c5f7c83455fdbcf2952645eab371e2019143b0e9b6706db70ebd9482b9c7c0b58cc37c42b6712905b92da79e99fa97ae61bf02bc6b6552d882e57dec5aeb8eccc1eb13499f08166e6ca5859ad4a32ecd5509d36b0a9acf6b7f989f7229b087826bfde59b597bac9f62cac2cf7e2d9af2f1f8b31146346d962d8ab67d7e12e2326556e37bab26f448e4e9fbb5347084192ac4ba29727262fab24688c47be0589e8ccc719cd5cf3100000003015b00ee4e258bee3ac8dc17f5f1ad193558a99316f1e25e24300f1e90f7e71cca34fc53321091ceffb9281d4ba5b810872fa2c04f153e763fe18b27f3cc68fd1c744601f72dd03c9e8fc001951426343badefeaf4b64224652dab88c6e5c29afe78d3d5b6c7baf344e762b7540dfcac2adb4f0295b37c2726daab39692ef54d0ddda510cb9493b646b5560a8e3af44b87267661caba29a68a7ba5015ee53063ac11f7e40a3e75d75fa91cb7ea0ebc0f3a703f67b8e3aebea57e3bb701eae337901cf6cca4f25112c596795f9912cb3c3a5c27db53162088d78167817133dbe668598e21473600f3eacfe71882539eb15cb277d4ee1dac9af1c882be03737adf0378000600650001f000008f005b00373cf75a3e5701905ac3950ae31fab746dda5e8ab8e49164c75ccc796ae761a1b9d6d2d16fe20a56491ce93c2a2b3c42a47c68cf4c301819a7ab22cd836883c0f5a3dd6ef06f4e71723bc15c9570bb7783ef511ae9ac2949a04e78f69763f7cf6beafc4691db8a27eb0ddb6b4b6d96c6a615017402898f9b77e2542c2b5b7da7451a5e12dd94e666a6657000216949265fa85ceea86e10a777b94ae4"], 0x294}, 0x1, 0x0, 0x0, 0x20040080}, 0x80)

1.608761855s ago: executing program 1 (id=1779):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)

1.575513185s ago: executing program 5 (id=1781):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket(0x1d, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt(r1, 0x6, 0x4, 0x0, 0x0)
sendmsg$nl_generic(r0, 0x0, 0xc004804)
r2 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080), 0x4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c)
setsockopt$inet6_buf(r2, 0x29, 0x32, &(0x7f0000000200)="95de66096bcc111518d3640f969ee0f145ae77ab", 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8008, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x113a0, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e17aa31070000007ea60864160af365da8fb21a38001d00f07251ca60bc24eab556a71a251e6182949a3651f60a84c910d5938037e786a6d0bdd7fcf50e4509985300782c37ba90adcd1500000080bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f000008}, 0x4800)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffd9b, 0x0, 0x1, 0x0, 0x0, 0x4042800}, 0x4000)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000180)=0x4, 0x4)
rt_sigqueueinfo(0x0, 0x6, &(0x7f0000000080)={0x13, 0x5, 0x28})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r5 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x9a, &(0x7f0000000300)={0x800000, 0x1, 0x84})
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f00000003c0)=""/214, 0xd6, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x400000400000000}, 0x0, 0x0, 0x0, 0x9, 0x63e4b27f, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)

1.537282746s ago: executing program 1 (id=1783):
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
timer_create(0x2, &(0x7f0000000180)={0x0, 0x21}, &(0x7f00000000c0))
r3 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r3}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001d00)={&(0x7f0000001bc0)=@gettaction={0x11c, 0x32, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x7}, @action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @action_gd=@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}, {0x14, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x1}, 0x44894)
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
r4 = getuid()
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$isdn_base(0x22, 0x3, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f00000000c0)=ANY=[], 0x8)
r7 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r7, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
recvmmsg(r5, &(0x7f0000001b80)=[{{&(0x7f0000000940)=@un=@abs, 0x80, &(0x7f0000001a40)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000480)}, {&(0x7f00000019c0)=""/68, 0x44}], 0x3, &(0x7f0000001a80)=""/240, 0xf0}, 0x8}], 0x1, 0x10000, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000240)={{{@in=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f0000000040)=0xe8)
getgroups(0x6, &(0x7f0000000340)=[0xee00, 0xffffffffffffffff, 0x0, <r9=>0xee01, 0xee01, 0xffffffffffffffff])
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@private0, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f0000000900)=0xa7)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x100)
r12 = syz_clone3(&(0x7f0000000780)={0x4000200, &(0x7f0000000500), 0x0, &(0x7f0000000640), {0x20}, &(0x7f0000000680)=""/35, 0x23, &(0x7f00000006c0)=""/93, &(0x7f0000000740)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x5, {r6}}, 0x58)
shmctl$IPC_SET(r7, 0x1, &(0x7f0000000880)={{0x0, r8, r9, r10, r11, 0x1c3, 0x384d}, 0x9, 0x8000, 0x4, 0xfff, r12, 0x0, 0x6})
setresuid(0x0, 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x100800, &(0x7f0000000380)={[{@mode}, {@uid={'uid', 0x3d, r2}}, {@uid={'uid', 0x3d, r4}}, {@gid={'gid', 0x3d, r11}}, {}, {}, {@gid={'gid', 0x3d, 0xffffffffffffffff}}, {@gid}, {@mode}], [{@hash}, {@appraise_type}, {@dont_measure}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)

1.312546409s ago: executing program 3 (id=1787):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x28, 0x40006, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'hsr0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffe0}, {0xfff3}}}, 0x24}}, 0x44010)

1.30529926s ago: executing program 5 (id=1788):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
statfs(&(0x7f0000001380)='./bus\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xe}, @IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x8b}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_stall_count', 0x0, 0x122)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x121a02, 0x0)
sendfile(r7, r6, 0x0, 0x8)
renameat2(r6, &(0x7f0000000040)='./file0\x00', r2, &(0x7f0000000240)='./file0\x00', 0x5)
unshare(0x20040600)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8e600000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r9}, 0x10)
socket$kcm(0x10, 0x2, 0x0)

1.221311141s ago: executing program 3 (id=1790):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

1.190976961s ago: executing program 2 (id=1791):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4)
r1 = fsopen(&(0x7f00000000c0)='selinuxfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r1, 0x4, &(0x7f0000000000)='dirsync\x00', &(0x7f0000000040)='./file0\x00', r2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.169220782s ago: executing program 2 (id=1793):
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
timer_create(0x2, &(0x7f0000000180)={0x0, 0x21}, &(0x7f00000000c0))
r3 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r3}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001d00)={&(0x7f0000001bc0)=@gettaction={0x114, 0x32, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x7}, @action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @action_gd=@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}, {0x14, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x592}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x2c, 0x1, [{0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x1}, 0x44894)
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
r4 = getuid()
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$isdn_base(0x22, 0x3, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f00000000c0)=ANY=[], 0x8)
r7 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r7, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
recvmmsg(r5, &(0x7f0000001b80)=[{{&(0x7f0000000940)=@un=@abs, 0x80, &(0x7f0000001a40)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000480)}, {&(0x7f00000019c0)=""/68, 0x44}], 0x3, &(0x7f0000001a80)=""/240, 0xf0}, 0x8}], 0x1, 0x10000, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000240)={{{@in=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f0000000040)=0xe8)
getgroups(0x6, &(0x7f0000000340)=[0xee00, 0xffffffffffffffff, 0x0, <r9=>0xee01, 0xee01, 0xffffffffffffffff])
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@private0, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f0000000900)=0xa7)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x100)
r12 = syz_clone3(&(0x7f0000000780)={0x4000200, &(0x7f0000000500), &(0x7f0000000600), &(0x7f0000000640), {0x20}, 0x0, 0x0, &(0x7f00000006c0)=""/93, &(0x7f0000000740)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x5, {r6}}, 0x58)
shmctl$IPC_SET(r7, 0x1, &(0x7f0000000880)={{0x0, r8, r9, r10, r11, 0x1c3, 0x384d}, 0x9, 0x8000, 0x4, 0xfff, r12, 0x0, 0x6})
r13 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r14, r14, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x1000)
getresgid(&(0x7f00000002c0)=<r16=>0x0, &(0x7f0000000300), &(0x7f0000000340))
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x100800, &(0x7f0000000380)={[{@mode}, {@uid={'uid', 0x3d, r2}}, {@uid={'uid', 0x3d, r4}}, {@gid={'gid', 0x3d, r11}}, {@uid={'uid', 0x3d, r14}}, {@uid={'uid', 0x3d, r15}}, {@gid={'gid', 0x3d, 0xffffffffffffffff}}, {@gid={'gid', 0x3d, r16}}, {@mode}], [{@hash}, {@appraise_type}, {@dont_measure}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)

1.076129303s ago: executing program 5 (id=1794):
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={0x0}}, 0x40004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x144, 0x65, 0x2, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x108, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_CLASSID={0x8, 0x3, {0x0, 0xfff1}}, @TCA_BPF_ACT={0xe8, 0x1, [@m_simple={0x5c, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x2f, 0x6, "1418bd2c32a073d723e0b8c72b0559383dcb289d087137ef800c671e42c961faca95344c687f10f4010ecb"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ctinfo={0x88, 0x1b, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE={0x6, 0x4, 0x81}, @TCA_CTINFO_ACT={0x18, 0x3, {0xd, 0x6, 0x3, 0x101, 0x4}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x8}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x400}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xffffffb4}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x3}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xe, 0x8, 0x512ce089}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x144}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
socket(0x10, 0x803, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@filter={'filter\x00', 0xe, 0x3, 0xc52, [0x0, 0x2000000026c0, 0x2000000026f0, 0x2000000030fe], 0x0, &(0x7f0000000040), &(0x7f00000026c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000005000000060000008d057767300000000000000000000000000076657468305f766972745f7769666900626f6e643000000000000000000000006e657464657673696d300000000000000180c20000010000ff0080ffaaaaaaaaaa44ff00fff3ffff2e090000ae090000de090000737461746500000000000000000000000000000000000000000000000000000008000000000000000600000000000000616d6f6e6700000000000000000000000000000000000000000000000000000068080000000000000c00000050040000020000000900000001000000000000800900000002000000080000000900000007000000040000000180ffffffffff7f03000000f7ffffff030000000700000001800000cd00000003000000ff000000ffffffff26210000420200000d000000e100000003000000fcffffff1000000000000000a00a000001800000070000000300000002000000060000001a1b000001000000faffffff0400000000000000070000008001000003000000ff0000000400000004000000010100000800000000000000c97a000008000000050000000000008007460000ce0f0000090000000c390000090000000b000000000400000500000001000000740700000400000001000000feffffff0100000004740000ff0000000300000000000100070000001e8800000100010005000000000200000700000009000000008000000100000080650000090000006447a002872d00000100000001000000c4000000ffffff7f08000000810000000100000006000000070000000008000001000000960500007500000005000000090000000800000004000000ce2c00001000000001000080090000000d000000050000006883000007000000f21f0000d90000000500000000040000070000000037040002000000ffffff7f04000000650d0000ad040000100007000000000000000000ee41000080ffffff7fffffff11a60000090000000600000000020000080000000080000004000000ff7f0000e2000000ff01000000be0000060000004bbb000004000000ffffffff070000000000000007000000766000000900000007000000030000000200000000000000080000000200000016100000ab03000005000000070000000600000002000000050000000080000004000000090000004f070000050000002605000001000000ee690000080000000000000009000000010400009300000008000000020000000400000058f800003100000004000000010400000080000009000000bbfd00000700000000010000020000001000000005000000060000000000400005000000d0f9ffff0200000001000000ea54000003000000010000000600000009000000f7ffffff01010000030000000100000009000000020000000900000003000000d24d000007000000ffff000006000000010100000500000000000000ffffffff0400000004000000f7ffffff050200000100000000000080070000000700000002000000020000000700000000100000070000000100000007000000fbffffff0001000000010000110e00001000000008000000010000800b00000001000100040000003501000003000000030000000600000004000000f9ffffff000400001cf0ffff330700000100000002000000080000000700000000000000080000000300000007000000040000000900000005000000f702000059ec0000ac14141ff9ffffffff070000ac1414bb01000000030000007f00000103000000050000007f0000010500000005000000ac1e010140000000ffffffff060000000500000003000000930b000003000000800000007f00000002000000f7ffffffff030000050000006900000002000000443f000006000000fbffffff0300000005000000090000005e1fffff05000000cf9a00000e00000003000000070000004e0000000300000067000000ffffff7f04000000010100000300000001000000020000005dec00000700000007000000506900004000000000010000db620000004000000800000009000000010001000600000002000000060000000700000005000000070000000900000000000000070000000e0000000002000002000000060000000c0000009f560000070000000b0000000800000002000000582d00000400000005000000f9ffffff020000000100000007000000d15e0000e5010000000000000800000000040000080000000900000006000000040000000002000003000000010000008000000002000000030000000300000001050000070000000700000001000000aa0000000600000004000000141d00009e3a0000feffffff0900000005000000ffffffff80000000030000000200000003000000050000000900000002000000001000000500000002000000010000000100000006000000010400000600000001040000ff010000080000008700000001000000b9000000060000000100000000000000f7ffffff06000000810000000900000007000000010100000b0000000000000002000000130000000d000000010400000000000000000000ea060000bd0000000000a00000f8ffff060000008b0b00000600000000100000030000000c000000004cd5000200000007000000650c0000ef4400000500000004000000ffffffff0600000006000000ffffffff070000002e030000070000009d440000ff030000000000000100000000800000060000000100000064060000fdffffff0e0000000800000007000000060000000f00000069e4ffff030000000500000002000000ff010000040000005e010000e60200000600000081000000da0000000200000005000000ff07000001fcfffffeffffff0300000004000000040000000000000006000000060000003a000000090000002ef10143fcffffff3ae6c7ef0800000002000000000100000400000007000000010100000000000002000000060000000600000000000000018000000000008005000000ffffff7f0100000007000000db000000010400000c0000000700000000040000910b000009000000090000007f00000004000000ffffff7f0300000008000000020000004b000000ff07000006000000ffffffff070000000000000006000000020000000000e01f060000000300000000010000ff000000f7ce0000008000003cf50000f8ffffff0000000004000000000200003fb5b8360100000006000000040000000a01010100000000434f4e4e5345434d41524b000000000000000000000000000000000000000000080000000000000001000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000937b36d1620709909508908c0c49da17ecb3d4a086e06014fd7dabc7c5341000a00000000000000434f4e4e5345434d41524b0000000000000000000000000000000000000000000800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000030000003000000086dd6d6163736563300000000000000000006261746164765f736c6176655f3100006970766c616e3100000000000000000069705f76746930000000000000000000aaaaaaaaaaaa0000ff0000ffbbbbbbbbbbbb00ff8000ff006e000000b6000000060100005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000050700000000000002000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000fd0162729f6280b7e88a976cdaae002919af87dc6567f06bab96218cb6d170002000000000000000300000012000000fbf876657468305f746f5f627269646765006c6f000000000000000000000000000069705f76746930000000000000000000766c616e3000000000000000000000000180c200000effffff000000aaaaaaaaaaaaffff00ffffffae000000ae000000de0000006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000000000000000000000060000000000000000010000000000"]}, 0xc99)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ipv6_route\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, 0x0}, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r3, 0x400, 0x1)
close_range(r1, 0xffffffffffffffff, 0x0)

1.075624373s ago: executing program 4 (id=1795):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)='.\x00\x00', 0x3}], 0x1}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
keyctl$clear(0x7, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000004c0)={[{@dax_always}, {@max_batch_time={'max_batch_time', 0x3d, 0x14a2ecd8}}]}, 0xfc, 0x59c, &(0x7f0000001500)="$eJzs3e9rJGcdAPDvbHbz4y6aKH1RhdbDFu6KXnLp2TaI9k4Q3xWU6usz5PZCuE32SDZtEw7N4R8giNiCb/SVbwT/AEHuTyiCYN+LFeXQq4JFtCMzO5vspTu3SS67q8nnA5N5duaZ+X6f2d3Z2ZlnMwGcWRci4npEjEXECxExU0yvFEPstoes3gcP7y5nQxJp+vpfk0iKaVm1JGIsKZY9Xyw22R49aqo92tzeub3UaNQ3isnzrbU785vbO5dX15ZW6iv19atXF15efGXxpcUrJ9LOrF2vfv1PP/nhL77x6m+++OYfbvzl0veyfKeL+Z12nLT2Nqll22JPNSI2BhFsBMaK9vwrbetdqzrstAAAKJEd4386Ij6fH//PxFifY7XxrnIy8OwAAACAk5Bem45/JxHpEdWOvAQAAAAwKpW8D2xSmSv6AkxHpTI31+7D+1ScqzSam60v3Gpurd9s95WdjVrl1mqjfiXvUzsREbUke7ywd0ah/fjFvG42JI/0Af7xzFQ+f2652bg5ihMeAAAAcAadP/D9/x8z7e//AAAAwCkzW4zPjTgPAAAAYHBmR50AAAAAMHDH+P4/Pog8AAAAgIH45muvZUPauf/1zTe2t24337h8s755e25ta3luublxZ26l2VxppBMRa/3W12g273wp1rfemm/VN1vzm9s7N9aaW+utG6uP3AIbAAAAGKJPfe7+e0lE7H55Kh+ic21/rGQBvxWAU6NyyHpp9uf9weYCDFfZxzxw+lUfP7usm+/EIHIBhqvWHiWjzgMYnX47gMmyGu8eK5yfDwEAwAhc/Mz999Lk49f/q/vnBoBT6rDX/4HTp+T6fzoz7ESAoSu9/t+nYwDw/6+mByCcef2v/5d4N591vX+ENO27LgAAYKCm8yGpzBXXAqej8mHaFrNRS26tNupXIuKTEfH7mdpE9nghXzLxowEAAAAAAAAAAAAAAAAAAAAAAAAAOKQ0TSI9huqxlgIAAABGIaLy56S4D/DFmeenD54fGE8+zG8F/FGapm/+9PW331pqtTYWsul/y6ePR0TrnWz6+ChOXwAAAABdOnf5z7+/v1gbcTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFYfPLy73BmGGffB1yJitlf8akzm48moRcS5vydR7VouiYixE4i/ey8inu4VP8nSitkii4PxKxExlWfxxPErRbEs/jNpmvaMf/6Jo8PZdj/b/1zv9f6vxIV83Pv9X20P1540fmf/d75rH9yJ39n/je3F/+pe8GzP84lDxvjs73413/XwO/vFifb8au/9Xyd+UrL/fa5XsOrHJ3332zs7ZbmlP4+42Gl7GhFd8btjzbfW7sxvbu9cXl1bWqmv1NevXl14efGVxZcWr8zfWm3Ui7/7K3473Sv+6Jlff1QW/8GFiHMR6czDu8vjnZyKD5bZ9ugryV4q44/k9HxWqJWted9/9hfrrp2v9cG9iEvP7W3/9Ptdz//T+bjn9v/ZP9Nc/jmQzb9YfCYku+1yRPHyjYhnf/nbZ0vbf2+yKB39+b/Uv+m5F771gz8esioAMASb2zu3lxqN+sbAC++kaXq4ytlRaXmdtDga60xJInYP1skO4E64FVMRUTIrYicm96ZMFVs1Drvmp0pTfX8qYkjPzlEL145SOZ040ost2f0faOAZLoznL8iR7pYAAIAB2D/6H3UmAAAAAAAAAAAAAAAAAAAAcHYN4/+KHYy5O5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA81n8DAAD//x3CzJ0=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x533201, 0x80)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="796104000000000000007e000000a46a589a21f9714f4125aec6662c8d27a3c0192f1384239b2f"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x300000000000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000080)='kmem_cache_free\x00', r8, 0x0, 0x800000001}, 0x18)
socket$kcm(0x2, 0x2, 0x73)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000240)={'wlan0\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, 0x0, 0x80)

1.048286803s ago: executing program 3 (id=1796):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
syz_emit_ethernet(0x3e, &(0x7f0000000640)=ANY=[@ANYBLOB="aaaaaab8aaaaaaaaaaaaaaaaaa0800450000cdc12d391cf1667cbb2d89c730000000b6f88601a9df1924c2bf019078ac1e0001e00000011d01907803000000450000fd909c3598228f00d6a80db99812277ab9f70cf08685aba2c1cc960341078aef3bfd7d7e636a4b5d55216c7389819c5391c892c4443020be2acf07e49bc6d3ed1a4763dabea11f00b0b5974311e103243dc7ac955cb6faeb10227113c248c26e9440aee4dcfaf3bd481c50c21b5398e5f3bfab67edc12d3767a799fa4445378c6cce8edd4d42c2584dfba6cf4640311604e5e7e9"], 0x0)

1.006183834s ago: executing program 3 (id=1797):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000080)={[{@i_version}, {@mblk_io_submit}, {@init_itable_val={'init_itable', 0x3d, 0xba}}, {@nombcache}, {@discard}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x300, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r3}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)

818.254397ms ago: executing program 3 (id=1798):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket(0x1d, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt(r1, 0x6, 0x4, 0x0, 0x0)
sendmsg$nl_generic(r0, 0x0, 0xc004804)
r2 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080), 0x4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c)
setsockopt$inet6_buf(r2, 0x29, 0x32, &(0x7f0000000200)="95de66096bcc111518d3640f969ee0f145ae77ab", 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8008, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x113a0, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e17aa31070000007ea60864160af365da8fb21a38001d00f07251ca60bc24eab556a71a251e6182949a3651f60a84c910d5938037e786a6d0bdd7fcf50e4509985300782c37ba90adcd1500000080bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f000008}, 0x4800)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffd9b, 0x0, 0x1, 0x0, 0x0, 0x4042800}, 0x4000)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000180)=0x4, 0x4)
rt_sigqueueinfo(0x0, 0x6, &(0x7f0000000080)={0x13, 0x5, 0x28})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r5 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x9a, &(0x7f0000000300)={0x800000, 0x1, 0x84})
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f00000003c0)=""/214, 0xd6, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x400000400000000}, 0x0, 0x0, 0x0, 0x9, 0x63e4b27f, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)

783.784418ms ago: executing program 4 (id=1799):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read(r0, &(0x7f0000000040)=""/148, 0xffffff96)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x0)

746.390158ms ago: executing program 5 (id=1800):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004800}, 0x20000000)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f0000000200)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="030026bd70003c0200000200000008000100", @ANYRES32=r6, @ANYBLOB], 0x1c}}, 0x0)
write$nci(r0, &(0x7f00000001c0)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x9, @v={0x1, 0x0, 0x2, 0x6, 0x7, 0x3, 0x82, {0xfc, 0x9, "30ea56c4f61cab1d"}, 0xf, 0xf3, 0xff, 0x4, 0x1, "eb"}}, 0x1a)

716.771879ms ago: executing program 3 (id=1801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x10, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x0, 0x18}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x8, 0xdd, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x3, 0x8000}, {0x6}]}, 0x10)

635.35797ms ago: executing program 4 (id=1802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

614.98483ms ago: executing program 1 (id=1803):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0xc14002, &(0x7f0000000300)=ANY=[], 0x0, 0x729, &(0x7f0000001340)="$eJzs3V1v3FgZB/D/mZnMTLLQjQBVq6rbnKaslIoy9Uy2qUYBCeM5MzHMjEe2A4mEtCo0WUWddKEtEp2bNje8SMsHgLu94YILPsJKXHC13wKuQFqBkBArEDLysT2v9qRD0u6W/n/V7njsx+ccH7t+6sQ+BhEREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREUFYDcOoCrTt7u6ezGY1XKeTfMljZnlU2hKuRxPX59W5FNYLiPA/lMt4I5r9xpdGIRfD/63jcvTtMsrhRxmD1y6ubn+xkEvWn9Pg/wUWLfDh48G9O/3+wYNniM1DFy+wcC2fCuSeIailurbn2B2zpaTtObK+tWXc3Gl6smm3lbfv+aojLVflfMeVG9Z1Wa3XN6Wq7Du73VbDbKtk5u2v1gxjS36rFO1oABXP2rHbbbvb0jHh4jDmtnz/e1GAMjtSHh71DzbH2vMkrXPDoGpK43PjwWFQ7bTNrRm1WrVaq1W3btVv3TaMwswMIySMIcxEnPtBSy+Z8z2BE51Bzmr82/ijANooo4td7EGm/rHQgAsHnYzlsST/v3VTza13PP8nWX5ptPgSdP6/En27EqaFQkr+z2iLhNR5JG2JyJi/2J8lnagkHuIxBriHO+ijjwM8OIeyJeTamUsoGnFPnr01mFNSCwpd2PDgwEYHJlr4PGQ8R6KOLWzBwDvYQRMeJJqw0YaCh3148KHCI6oYlq9gwocDFxIbsHAdElXUUcfrkFCoYB8OdtFFCw2Y+GcQBIc40v2+GbfnaUpbkQRVMzawhEKyjQeozemJrPz//SfR2nH+N5j/X1XRcVCKPj6aF0P0GRDE1/8LWns+rSEiIiIiIiKi50Hon74L/Vv5NwEEaNptZYwtz/S73ItpIhERERERERGdkUBQwuXwMl/fffcmxOT1PxERERERERG9/IR+xk4AWNE39YvR41LP8kOA/AtoIhERERERERGdkb6//0oRCPSgFWsQC13/ExEREREREdFL4OdjY+wX8vEY+0Hya/0cgLU/lcSHfy3BXRInvb0vi2MzXGIexzEzdwD4zUviQjxQr/4oAtDfLHVZxLVJ4B/jowt8fJg+1v/TICKEcKcaUMxnDE8w3gAR1rxViL/hfVyNVrkajzN/d5CDXhKNKLzStNuqYjnt7SpM80LOV3v+j+8f/QRwh9t5eNQ/qPzgvf5d3ZaTcNbJcVjok4nm5NI7Y9SWR3q8Bf3MRdrbDZbRTKr8RbezInS9RrL9eZjHufGKMnfAr1a3t5aBaCt/ivVon60HUezKYDjivgDW9OAP1YreZRNb7y6JUSuq01uetiMytrysW3Etirm2cS36SPokLCcnyl/JA7XK7D6YaEVtvBWn94X421T/z28FRDnsi82wFb8PC5pqxXc/jFbe7O3Fo73Ob0XwejQ5fRQQEX1aDkdZSA9iPjPGfpIekpPas+adi6soAPFZLiO7j2oJ4vyRZPdHvw6iDJUHCvHvJtJrSfIKwjP6htDlFKMB3QuXUs7oRuWTIAjMC2WMn9H/EwTJBhkLZLeTIAimz+i/Hb0DKW72TCv+FQTBdlVnkl9OZdUPwhU+yKzXa9fyKKOER8c/1APgh949ePfgfq22uWW8bRi3aljS/1SIP/LI/BcIERG9uibfsZP2jj0dkZsTId7G1aiMq3f/8lY0NZHxvhDfUqDdBPp6qIH4FQJr6aWu4BBf/3t0G8KN6KoVWF+JPlcG8uLqdnhVO4w9EgX9hpcbmVd1OpdGsfr2htowNnnv0PQV4Ch28/nuBCIiohdsPSMPAxP5H5P5vzyR/29gI4rYuJR63b0ydkvhjeTqeHhJP3jtJDW2enrjv3HOnUFERPSKUO7HYsX/mXBdu/dOtV6vmv6Okq5jfVu6dqOlpN31lWvtmN2Wkj3X8R3Lacuei5K9rDzp7fZ6juvLpuPKnuPZe/rN7zJ+9bunOmbXty2v11amp6TldH3T8mXD9izZ2/1m2/Z2lKtX9nrKspu2Zfq205Wes+taqiKlp9RYoN1QXd9u2uFkV/Zcu2O6+/I7Tnu3o2RDeZZr93wnKjCpy+42Hbeji60gWPhFh0RERP+PHj4e3LvT7x88mJ5YDi/NozknyIiZnSimFJgHAo4TRERE9BkyStcLrFR+jg0iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqIZpz/St+DEUtrDgsBwzo8uxHPwFKNHDGfKEThrez5x/6AH9kuLKQKYt3pu0UqTRyIG9z6aE7w8nJN0/3jMySKVYhWYH/Ne9qI/fw54Tc9BNKdwjgfA7POj536MpU187TDq0awYvTB1UWm4Lwrn/9chnLj/m9lFIuz5IAiC+auXJvuwOGcDpyYKAB4U5+yC5VOOn9POHDPjfxPRS+a/AQAA//+63zmW")
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x4e24, 0x2970, @empty, 0xfffffff8}}}, 0x84)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x1e, 0x0, 0x1b, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, 0x0}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PPPIOCGL2TPSTATS(r2, 0x8004745a, &(0x7f0000005280))
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

584.177331ms ago: executing program 4 (id=1804):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r1, r1, &(0x7f0000000040)=0x2eb4, 0x2) (fail_nth: 1)

397.998063ms ago: executing program 4 (id=1805):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095", @ANYRES32, @ANYRES32, @ANYRES16, @ANYRESOCT=0x0, @ANYRES32=0x0, @ANYBLOB="5c33914d284274d5275d0ef256f49b859031a055fd0d66a3facfa22b7140a37a61053601fa946b1e2c6f587827c0749f55f520bcc45e4676c6a964497dc883f620c2a01331020e802c1c79956d5d5d6ef9e1dfb500d52372dc874179ca291cd4fd915e728abe2a071856102b7d91e4"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x2}, 0xe)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000080)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000502b3e6e28d967964d9ead3133d167ab6b"], &(0x7f0000000380)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000240)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x1, 0x2}}, 0x10)
r7 = socket$tipc(0x1e, 0x5, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0xfffffffffffff001}, 0x18)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x7, 0x4, 0x2, 0x3}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x18}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000080}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kvm_dirty_ring_reset\x00', r5, 0x0, 0x2}, 0x17)
syslog(0x2, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0xca04, &(0x7f0000000500)=ANY=[], 0x0, 0x2dc, &(0x7f0000000b00)="$eJzs3U9rY1UUAPDz0tck1UUGcaO4eKALV2Xq1k2rjCB2pURQF1qcDEhSBlooTAXTWfkJXPo9/Ahu3PgNBLeCu7qoXnn/0qSmnU5rRtTfb9PTe++59+RdSLvJyWev7I/vP8zi8elPEZFFZzu2448s7kQnWieRz+JIvSaYGwMA/lV+Syl+TU+V0vwDkHdWUxEAsGr13//aU6SdrLAkAGDFPvjo4/d2dnfvvV8U/XhpENkwi4j9r4+G9fzOg/giJjGKuzGIs4g0U8fvvLt7L/KidCde258eDcvM/U9/aPbf+SWiyt+KwTSW528Vtbn86dFwPZ6LInYerLelDuLF5flvLMmPYTdef3Wu/s0YxI+fx8OYxP2qjvP8r7aK4u30zemXn5THlPlZJ4a9al2priCtVT82nu39AAAAAAAAAAAAAAAAAAAAAADw37RZFFndvqfq31MONf131s6q+c2muU6Rx0J/niY/azeq+wOltsXPNMW3bX+du0VRpGbheX+fPF7OfYkAAAAAAAAAAAAAAAAAAAAAlA4fHY/3JpPRwd8StN0A2o/133Sf7fOR3kK5Fxf3Yq9a0L3WWfPdBspar1wceR5XbrhxmmpPfl2d9tDlazYun7pF0Du/3A+jCmYXc6ud04W7eOGt+vfj8V5RPpZHx+P2IY/3sied1W/3+W5+qhu3fQipqvAsLd5pf1bqZDKKk7LCaqo7l14+o5ue3n1+6dTvKaXr7fPmz/UdNSNZ1WLjeqevN8Fc+uKa/l/v4vvLN7z0LWPt5u82AAAAAAAAAAAAAAAAAADAVerP+p6MDg6XTD6+MrWzsqIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bmrv/9/MjqYBf2IaEaivzjVBtMmecnUxaAbB4f/8EsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgf+DPAAAA//+58Ed9")
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
lsm_set_self_attr(0x66, 0x0, 0x23, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000400)=ANY=[@ANYRES32=0x0, @ANYBLOB="0100dc00857163e95cd1e074e3c3ca02e2023d8f56aa90a06839e5cb550c74ebc28280f3855764701eec7359c5936e7ce415e3a23fac380cbb55c15c5d36b525d2f6024f83137befff862bedeafe8ac64f7f5f2c677e25edc1151de94cf0861ac819921e6d9d9c1364a4e5922fce9edc6bc8328e68acc38e89ea21ddd48726cbaf6eecd53e342a76bc267fe419c6851a1fe239bfe928032e1e12a25752085f6e943cc2f23470fc7f5c4e473ee51c6b60110362adfaa8ab516279f1af82fcd633ed4d1fbecb6a92a11dd75ba2d2eba4c551406f2e3bbcf6ab6372a9fdbdbbe002ad73ee"], 0xe4)
r10 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x800c2, 0x0)
pwrite64(r10, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r10, 0x5, 0x4)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, 0x0, &(0x7f0000000100))
sendfile(r1, r1, &(0x7f0000000040)=0x2eb4, 0x2)

390.217514ms ago: executing program 4 (id=1806):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000340), &(0x7f0000000040)}, 0x20)
socket$packet(0x11, 0xa, 0x300)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r5}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x22)
getsockname$packet(r6, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB="80000000100039042abd7000eafefffff7ff02e4", @ANYRES32=r8, @ANYBLOB="03000000c31006006000128008000100736974005400028008000100", @ANYRES32=r7], 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r0, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff14000280080006000200000008000900080000000800040002000000600001"], 0xc4}}, 0x4008800)

348.147194ms ago: executing program 1 (id=1807):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

313.229545ms ago: executing program 2 (id=1808):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)

268.167915ms ago: executing program 2 (id=1809):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/freeze_filesystems', 0x4ae82, 0x12c)
write$binfmt_aout(r4, &(0x7f0000001240)={{0x107, 0x55, 0x6, 0x20e, 0x33a, 0x8000, 0x3f}}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x2)

58.033029ms ago: executing program 2 (id=1810):
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={0x0}}, 0x40004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x144, 0x65, 0x2, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x108, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_CLASSID={0x8, 0x3, {0x0, 0xfff1}}, @TCA_BPF_ACT={0xe8, 0x1, [@m_simple={0x5c, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x2f, 0x6, "1418bd2c32a073d723e0b8c72b0559383dcb289d087137ef800c671e42c961faca95344c687f10f4010ecb"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ctinfo={0x88, 0x1b, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE={0x6, 0x4, 0x81}, @TCA_CTINFO_ACT={0x18, 0x3, {0xd, 0x6, 0x3, 0x101, 0x4}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x8}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x400}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xffffffb4}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x3}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xe, 0x8, 0x512ce089}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x144}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
socket(0x10, 0x803, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@filter={'filter\x00', 0xe, 0x3, 0xc52, [0x0, 0x2000000026c0, 0x2000000026f0, 0x2000000030fe], 0x0, &(0x7f0000000040), &(0x7f00000026c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000005000000060000008d057767300000000000000000000000000076657468305f766972745f7769666900626f6e643000000000000000000000006e657464657673696d300000000000000180c20000010000ff0080ffaaaaaaaaaa44ff00fff3ffff2e090000ae090000de090000737461746500000000000000000000000000000000000000000000000000000008000000000000000600000000000000616d6f6e6700000000000000000000000000000000000000000000000000000068080000000000000c00000050040000020000000900000001000000000000800900000002000000080000000900000007000000040000000180ffffffffff7f03000000f7ffffff030000000700000001800000cd00000003000000ff000000ffffffff26210000420200000d000000e100000003000000fcffffff1000000000000000a00a000001800000070000000300000002000000060000001a1b000001000000faffffff0400000000000000070000008001000003000000ff0000000400000004000000010100000800000000000000c97a000008000000050000000000008007460000ce0f0000090000000c390000090000000b000000000400000500000001000000740700000400000001000000feffffff0100000004740000ff0000000300000000000100070000001e8800000100010005000000000200000700000009000000008000000100000080650000090000006447a002872d00000100000001000000c4000000ffffff7f08000000810000000100000006000000070000000008000001000000960500007500000005000000090000000800000004000000ce2c00001000000001000080090000000d000000050000006883000007000000f21f0000d90000000500000000040000070000000037040002000000ffffff7f04000000650d0000ad040000100007000000000000000000ee41000080ffffff7fffffff11a60000090000000600000000020000080000000080000004000000ff7f0000e2000000ff01000000be0000060000004bbb000004000000ffffffff070000000000000007000000766000000900000007000000030000000200000000000000080000000200000016100000ab03000005000000070000000600000002000000050000000080000004000000090000004f070000050000002605000001000000ee690000080000000000000009000000010400009300000008000000020000000400000058f800003100000004000000010400000080000009000000bbfd00000700000000010000020000001000000005000000060000000000400005000000d0f9ffff0200000001000000ea54000003000000010000000600000009000000f7ffffff01010000030000000100000009000000020000000900000003000000d24d000007000000ffff000006000000010100000500000000000000ffffffff0400000004000000f7ffffff050200000100000000000080070000000700000002000000020000000700000000100000070000000100000007000000fbffffff0001000000010000110e00001000000008000000010000800b00000001000100040000003501000003000000030000000600000004000000f9ffffff000400001cf0ffff330700000100000002000000080000000700000000000000080000000300000007000000040000000900000005000000f702000059ec0000ac14141ff9ffffffff070000ac1414bb01000000030000007f00000103000000050000007f0000010500000005000000ac1e010140000000ffffffff060000000500000003000000930b000003000000800000007f00000002000000f7ffffffff030000050000006900000002000000443f000006000000fbffffff0300000005000000090000005e1fffff05000000cf9a00000e00000003000000070000004e0000000300000067000000ffffff7f04000000010100000300000001000000020000005dec00000700000007000000506900004000000000010000db620000004000000800000009000000010001000600000002000000060000000700000005000000070000000900000000000000070000000e0000000002000002000000060000000c0000009f560000070000000b0000000800000002000000582d00000400000005000000f9ffffff020000000100000007000000d15e0000e5010000000000000800000000040000080000000900000006000000040000000002000003000000010000008000000002000000030000000300000001050000070000000700000001000000aa0000000600000004000000141d00009e3a0000feffffff0900000005000000ffffffff80000000030000000200000003000000050000000900000002000000001000000500000002000000010000000100000006000000010400000600000001040000ff010000080000008700000001000000b9000000060000000100000000000000f7ffffff06000000810000000900000007000000010100000b0000000000000002000000130000000d000000010400000000000000000000ea060000bd0000000000a00000f8ffff060000008b0b00000600000000100000030000000c000000004cd5000200000007000000650c0000ef4400000500000004000000ffffffff0600000006000000ffffffff070000002e030000070000009d440000ff030000000000000100000000800000060000000100000064060000fdffffff0e0000000800000007000000060000000f00000069e4ffff030000000500000002000000ff010000040000005e010000e60200000600000081000000da0000000200000005000000ff07000001fcfffffeffffff0300000004000000040000000000000006000000060000003a000000090000002ef10143fcffffff3ae6c7ef0800000002000000000100000400000007000000010100000000000002000000060000000600000000000000018000000000008005000000ffffff7f0100000007000000db000000010400000c0000000700000000040000910b000009000000090000007f00000004000000ffffff7f0300000008000000020000004b000000ff07000006000000ffffffff070000000000000006000000020000000000e01f060000000300000000010000ff000000f7ce0000008000003cf50000f8ffffff0000000004000000000200003fb5b8360100000006000000040000000a01010100000000434f4e4e5345434d41524b000000000000000000000000000000000000000000080000000000000001000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000937b36d1620709909508908c0c49da17ecb3d4a086e06014fd7dabc7c5341000a00000000000000434f4e4e5345434d41524b0000000000000000000000000000000000000000000800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000030000003000000086dd6d6163736563300000000000000000006261746164765f736c6176655f3100006970766c616e3100000000000000000069705f76746930000000000000000000aaaaaaaaaaaa0000ff0000ffbbbbbbbbbbbb00ff8000ff006e000000b6000000060100005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000050700000000000002000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000fd0162729f6280b7e88a976cdaae002919af87dc6567f06bab96218cb6d170002000000000000000300000012000000fbf876657468305f746f5f627269646765006c6f000000000000000000000000000069705f76746930000000000000000000766c616e3000000000000000000000000180c200000effffff000000aaaaaaaaaaaaffff00ffffffae000000ae000000de0000006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000000000000000000000060000000000000000010000000000"]}, 0xc99)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ipv6_route\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, 0x0}, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r3, 0x400, 0x1)
close_range(r1, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=1811):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x11, 0x4000}]}}]}, 0x38}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r6 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000028c0), 0x0, 0x0)
sendfile(0xffffffffffffffff, r6, &(0x7f00000040c0)=0xfffffffffffffff9, 0x7) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) (async)
socket$kcm(0x11, 0xa, 0x300) (async)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[   91.844608][ T5816] truncated
[   91.858835][ T5816] loop5: p3 size 589824 extends beyond EOD, truncated
[   91.891129][ T3387] vhci_hcd: vhci_device speed not set
[   91.961747][ T5857] loop2: detected capacity change from 0 to 256
[   92.013918][ T5859] FAULT_INJECTION: forcing a failure.
[   92.013918][ T5859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.027892][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz.3.702 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[   92.027928][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.027942][ T5859] Call Trace:
[   92.027950][ T5859]  <TASK>
[   92.027959][ T5859]  __dump_stack+0x1d/0x30
[   92.028030][ T5859]  dump_stack_lvl+0xe8/0x140
[   92.028104][ T5859]  dump_stack+0x15/0x1b
[   92.028129][ T5859]  should_fail_ex+0x265/0x280
[   92.028173][ T5859]  should_fail+0xb/0x20
[   92.028205][ T5859]  should_fail_usercopy+0x1a/0x20
[   92.028329][ T5859]  _copy_from_user+0x1c/0xb0
[   92.028361][ T5859]  ___sys_sendmsg+0xc1/0x1d0
[   92.028434][ T5859]  __x64_sys_sendmsg+0xd4/0x160
[   92.028541][ T5859]  x64_sys_call+0x2999/0x2fb0
[   92.028573][ T5859]  do_syscall_64+0xd2/0x200
[   92.028598][ T5859]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.028671][ T5859]  ? clear_bhb_loop+0x40/0x90
[   92.028703][ T5859]  ? clear_bhb_loop+0x40/0x90
[   92.028736][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.028767][ T5859] RIP: 0033:0x7f3dc06ce929
[   92.028796][ T5859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.028818][ T5859] RSP: 002b:00007f3dbed37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.028838][ T5859] RAX: ffffffffffffffda RBX: 00007f3dc08f5fa0 RCX: 00007f3dc06ce929
[   92.028852][ T5859] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000006
[   92.028936][ T5859] RBP: 00007f3dbed37090 R08: 0000000000000000 R09: 0000000000000000
[   92.028950][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.028968][ T5859] R13: 0000000000000000 R14: 00007f3dc08f5fa0 R15: 00007ffcd4e8fa18
[   92.028997][ T5859]  </TASK>
[   92.135542][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   92.322347][ T5864] netlink: 'syz.2.703': attribute type 21 has an invalid length.
[   92.330255][ T5864] __nla_validate_parse: 8 callbacks suppressed
[   92.330300][ T5864] netlink: 156 bytes leftover after parsing attributes in process `syz.2.703'.
[   92.458475][ T5870] can: request_module (can-proto-0) failed.
[   92.573282][ T5870] netlink: 'syz.2.708': attribute type 29 has an invalid length.
[   92.581535][ T5870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.708'.
[   92.628678][ T5870] loop2: detected capacity change from 0 to 8192
[   92.765790][ T5885] netlink: 12 bytes leftover after parsing attributes in process `syz.1.713'.
[   92.791462][ T5887] FAULT_INJECTION: forcing a failure.
[   92.791462][ T5887] name failslab, interval 1, probability 0, space 0, times 0
[   92.805223][ T5887] CPU: 0 UID: 0 PID: 5887 Comm: syz.2.714 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[   92.805300][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.805315][ T5887] Call Trace:
[   92.805323][ T5887]  <TASK>
[   92.805331][ T5887]  __dump_stack+0x1d/0x30
[   92.805358][ T5887]  dump_stack_lvl+0xe8/0x140
[   92.805382][ T5887]  dump_stack+0x15/0x1b
[   92.805444][ T5887]  should_fail_ex+0x265/0x280
[   92.805486][ T5887]  ? bpf_raw_tp_link_attach+0x1a1/0x3f0
[   92.805511][ T5887]  should_failslab+0x8c/0xb0
[   92.805542][ T5887]  __kmalloc_cache_noprof+0x4c/0x320
[   92.805603][ T5887]  bpf_raw_tp_link_attach+0x1a1/0x3f0
[   92.805626][ T5887]  ? kstrtouint+0x76/0xc0
[   92.805739][ T5887]  bpf_raw_tracepoint_open+0x154/0x2b0
[   92.805767][ T5887]  ? security_bpf+0x2b/0x90
[   92.805792][ T5887]  __sys_bpf+0x321/0x790
[   92.805913][ T5887]  __x64_sys_bpf+0x41/0x50
[   92.805945][ T5887]  x64_sys_call+0x2478/0x2fb0
[   92.805990][ T5887]  do_syscall_64+0xd2/0x200
[   92.806025][ T5887]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.806054][ T5887]  ? clear_bhb_loop+0x40/0x90
[   92.806079][ T5887]  ? clear_bhb_loop+0x40/0x90
[   92.806110][ T5887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.806183][ T5887] RIP: 0033:0x7fb58ef7e929
[   92.806204][ T5887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.806233][ T5887] RSP: 002b:00007fb58d5e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.806253][ T5887] RAX: ffffffffffffffda RBX: 00007fb58f1a5fa0 RCX: 00007fb58ef7e929
[   92.806275][ T5887] RDX: 0000000000000010 RSI: 00002000000002c0 RDI: 0000000000000011
[   92.806291][ T5887] RBP: 00007fb58d5e7090 R08: 0000000000000000 R09: 0000000000000000
[   92.806308][ T5887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.806325][ T5887] R13: 0000000000000000 R14: 00007fb58f1a5fa0 R15: 00007ffdd0baa2b8
[   92.806352][ T5887]  </TASK>
[   93.026314][ T5880] process 'syz.4.707' launched '/dev/fd/9' with NULL argv: empty string added
[   93.043630][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.049549][ T5878] netlink: 8 bytes leftover after parsing attributes in process `syz.3.710'.
[   93.052970][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.071066][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.101106][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.110338][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.119322][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[   93.149970][ T5894] loop2: detected capacity change from 0 to 164
[   93.193729][ T5894] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.235291][ T5894] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.248248][ T5894] Symlink component flag not implemented
[   93.255232][ T5894] Symlink component flag not implemented
[   93.261654][ T5894] Symlink component flag not implemented (7)
[   93.267798][ T5894] Symlink component flag not implemented (116)
[   93.504192][ T5922] veth0_to_bond: entered allmulticast mode
[   93.591413][ T5929] loop5: detected capacity change from 0 to 2048
[   93.696901][ T5929]  loop5: p2 p3 p7
[   93.724498][ T2996]  loop5: p2 p3 p7
[   93.845141][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   93.845527][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[   93.856979][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory
[   94.080739][ T5956] loop5: detected capacity change from 0 to 1024
[   94.095807][ T5956] EXT4-fs: Ignoring removed i_version option
[   94.107045][ T5956] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.114662][ T5956] EXT4-fs: Ignoring removed nobh option
[   94.120667][ T5956] EXT4-fs: Ignoring removed bh option
[   94.138604][ T5956] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.284379][ T5969] loop4: detected capacity change from 0 to 256
[   94.375342][ T5977] can: request_module (can-proto-0) failed.
[   94.424549][ T5977] loop4: detected capacity change from 0 to 8192
[   94.676998][ T6000] loop4: detected capacity change from 0 to 128
[   94.691778][ T6000] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   94.710695][ T6000] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.737926][ T6011] FAULT_INJECTION: forcing a failure.
[   94.737926][ T6011] name failslab, interval 1, probability 0, space 0, times 0
[   94.751063][ T6011] CPU: 1 UID: 0 PID: 6011 Comm: syz.1.760 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[   94.751123][ T6011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.751141][ T6011] Call Trace:
[   94.751149][ T6011]  <TASK>
[   94.751160][ T6011]  __dump_stack+0x1d/0x30
[   94.751190][ T6011]  dump_stack_lvl+0xe8/0x140
[   94.751258][ T6011]  dump_stack+0x15/0x1b
[   94.751281][ T6011]  should_fail_ex+0x265/0x280
[   94.751344][ T6011]  should_failslab+0x8c/0xb0
[   94.751472][ T6011]  kmem_cache_alloc_noprof+0x50/0x310
[   94.751503][ T6011]  ? audit_log_start+0x365/0x6c0
[   94.751545][ T6011]  audit_log_start+0x365/0x6c0
[   94.751658][ T6011]  audit_seccomp+0x48/0x100
[   94.751689][ T6011]  ? __seccomp_filter+0x68c/0x10d0
[   94.751719][ T6011]  __seccomp_filter+0x69d/0x10d0
[   94.751754][ T6011]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   94.751853][ T6011]  ? vfs_write+0x75e/0x8e0
[   94.751902][ T6011]  __secure_computing+0x82/0x150
[   94.751993][ T6011]  syscall_trace_enter+0xcf/0x1e0
[   94.752027][ T6011]  do_syscall_64+0xac/0x200
[   94.752060][ T6011]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.752097][ T6011]  ? clear_bhb_loop+0x40/0x90
[   94.752195][ T6011]  ? clear_bhb_loop+0x40/0x90
[   94.752228][ T6011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.752314][ T6011] RIP: 0033:0x7fb4c62fe929
[   94.752335][ T6011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.752356][ T6011] RSP: 002b:00007fb4c4967038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e5
[   94.752376][ T6011] RAX: ffffffffffffffda RBX: 00007fb4c6525fa0 RCX: 00007fb4c62fe929
[   94.752389][ T6011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[   94.752406][ T6011] RBP: 00007fb4c4967090 R08: 0000000000000000 R09: 0000000000000000
[   94.752452][ T6011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.752470][ T6011] R13: 0000000000000000 R14: 00007fb4c6525fa0 R15: 00007ffd60dbb0a8
[   94.752498][ T6011]  </TASK>
[   95.020778][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.032752][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   95.169883][ T6029] loop4: detected capacity change from 0 to 164
[   95.183519][ T6029] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   95.244846][ T6031] loop5: detected capacity change from 0 to 2048
[   95.315926][ T3296]  loop5: p2 p3 p7
[   95.344397][ T6031]  loop5: p2 p3 p7
[   95.417291][ T6047] loop4: detected capacity change from 0 to 2048
[   95.466995][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[   95.485295][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   95.487043][ T6047]  loop4: p2 p3 p7
[   95.498242][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory
[   95.548238][ T6054] can: request_module (can-proto-0) failed.
[   95.650879][ T6054] loop2: detected capacity change from 0 to 8192
[   95.796918][ T6075] loop5: detected capacity change from 0 to 8192
[   95.806850][ T6078] loop2: detected capacity change from 0 to 512
[   95.815818][ T6078] EXT4-fs: dax option not supported
[   95.836651][ T3522]  loop5: p1 p3 p4
[   95.845490][ T3522] loop5: p1 size 8390912 extends beyond EOD, truncated
[   95.849558][ T6080] can: request_module (can-proto-0) failed.
[   95.862358][ T3522] loop5: p3 size 589824 extends beyond EOD, truncated
[   95.876930][ T6075]  loop5: p1 p3 p4
[   95.884050][ T6075] loop5: p1 size 8390912 extends beyond EOD, truncated
[   95.900656][ T6075] loop5: p3 size 589824 extends beyond EOD, truncated
[   95.913506][ T6080] netlink: 'syz.1.790': attribute type 29 has an invalid length.
[   95.965788][   T30] kauditd_printk_skb: 392 callbacks suppressed
[   95.965804][   T30] audit: type=1326 audit(1750596682.281:4034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb4c62fd3df code=0x7ffc0000
[   96.007473][   T30] audit: type=1326 audit(1750596682.321:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb4c62fe9b7 code=0x7ffc0000
[   96.033783][   T30] audit: type=1326 audit(1750596682.321:4036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb4c62fd290 code=0x7ffc0000
[   96.060461][   T30] audit: type=1326 audit(1750596682.321:4037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb4c62fd58a code=0x7ffc0000
[   96.115801][   T30] audit: type=1326 audit(1750596682.381:4038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.141413][   T30] audit: type=1326 audit(1750596682.381:4039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.167502][   T30] audit: type=1326 audit(1750596682.411:4040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.192221][   T30] audit: type=1326 audit(1750596682.411:4041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.218052][   T30] audit: type=1326 audit(1750596682.411:4042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.242551][   T30] audit: type=1326 audit(1750596682.421:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6079 comm="syz.1.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[   96.300462][ T6091] hsr_slave_0: left promiscuous mode
[   96.317551][ T6091] hsr_slave_1: left promiscuous mode
[   96.340165][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   96.353299][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[   96.394838][ T6097] can: request_module (can-proto-0) failed.
[   96.418883][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   96.419067][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[   96.450279][ T6093] can0: slcan on ttyS3.
[   96.495928][ T6098] can0 (unregistered): slcan off ttyS3.
[   96.512900][ T6095] can0: slcan on ttyS3.
[   96.592668][ T6098] can0 (unregistered): slcan off ttyS3.
[   96.619215][ T6116] loop2: detected capacity change from 0 to 1024
[   96.633376][ T6116] EXT4-fs: Ignoring removed nobh option
[   96.639397][ T6116] EXT4-fs: Ignoring removed bh option
[   96.727240][ T6124] loop5: detected capacity change from 0 to 2048
[   96.738288][ T6116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.766885][ T3522]  loop5: p2 p3 p7
[   96.779912][ T6124]  loop5: p2 p3 p7
[   96.815104][ T6131] loop4: detected capacity change from 0 to 2048
[   96.891706][ T6136] wg1 speed is unknown, defaulting to 1000
[   96.900748][ T6131]  loop4: p1 < > p4
[   96.906190][ T6131] loop4: p4 size 8388608 extends beyond EOD, truncated
[   96.926419][ T6116] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.801: Allocating blocks 497-513 which overlap fs metadata
[   96.951891][ T6116] EXT4-fs (loop2): pa ffff888106e701c0: logic 256, phys. 369, len 9
[   96.960274][ T6116] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   97.046327][ T6116] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[   97.079618][ T6131] loop4: detected capacity change from 0 to 2048
[   97.172160][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.188165][ T6131]  loop4: unable to read partition table
[   97.194863][ T6131] loop4: partition table beyond EOD, truncated
[   97.201256][ T6131] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   97.283183][ T2996]  loop4: unable to read partition table
[   97.289964][ T2996] loop4: partition table beyond EOD, truncated
[   97.429191][ T6177] __nla_validate_parse: 18 callbacks suppressed
[   97.429212][ T6177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.825'.
[   97.501824][ T6177] loop4: detected capacity change from 0 to 8192
[   97.541541][ T3522]  loop4: p1 p3 p4
[   97.549068][ T3522] loop4: p1 size 8390912 extends beyond EOD, truncated
[   97.559330][ T3522] loop4: p3 size 589824 extends beyond EOD, truncated
[   97.592862][ T6177]  loop4: p1 p3 p4
[   97.596805][ T6177] loop4: p1 size 8390912 extends beyond EOD, truncated
[   97.609385][ T6177] loop4: p3 size 589824 extends beyond EOD, truncated
[   97.638051][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.829'.
[   97.742634][ T6199] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   97.742634][ T6199] The task syz.5.831 (6199) triggered the difference, watch for misbehavior.
[   97.901489][ T6208] loop4: detected capacity change from 0 to 2048
[   97.955059][ T6209] can: request_module (can-proto-0) failed.
[   97.964529][ T6209] netlink: 'syz.2.837': attribute type 29 has an invalid length.
[   97.972412][ T6209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.837'.
[   98.001233][ T6208]  loop4: p2 p3 p7
[   98.036471][ T6209] loop2: detected capacity change from 0 to 8192
[   98.101707][ T6219] netlink: 'syz.3.842': attribute type 21 has an invalid length.
[   98.111297][ T6219] netlink: 156 bytes leftover after parsing attributes in process `syz.3.842'.
[   98.182267][ T6228] FAULT_INJECTION: forcing a failure.
[   98.182267][ T6228] name failslab, interval 1, probability 0, space 0, times 0
[   98.195670][ T6228] CPU: 1 UID: 0 PID: 6228 Comm: syz.1.846 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[   98.195705][ T6228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.195722][ T6228] Call Trace:
[   98.195780][ T6228]  <TASK>
[   98.195791][ T6228]  __dump_stack+0x1d/0x30
[   98.195815][ T6228]  dump_stack_lvl+0xe8/0x140
[   98.195834][ T6228]  dump_stack+0x15/0x1b
[   98.195853][ T6228]  should_fail_ex+0x265/0x280
[   98.195893][ T6228]  should_failslab+0x8c/0xb0
[   98.195989][ T6228]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   98.196140][ T6228]  ? sidtab_sid2str_get+0xa0/0x130
[   98.196174][ T6228]  kmemdup_noprof+0x2b/0x70
[   98.196247][ T6228]  sidtab_sid2str_get+0xa0/0x130
[   98.196272][ T6228]  security_sid_to_context_core+0x1eb/0x2e0
[   98.196302][ T6228]  security_sid_to_context+0x27/0x40
[   98.196332][ T6228]  selinux_lsmprop_to_secctx+0x67/0xf0
[   98.196423][ T6228]  security_lsmprop_to_secctx+0x43/0x80
[   98.196456][ T6228]  audit_log_task_context+0x77/0x190
[   98.196499][ T6228]  audit_log_task+0xf4/0x250
[   98.196571][ T6228]  audit_seccomp+0x61/0x100
[   98.196617][ T6228]  ? __seccomp_filter+0x68c/0x10d0
[   98.196648][ T6228]  __seccomp_filter+0x69d/0x10d0
[   98.196681][ T6228]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   98.196707][ T6228]  ? vfs_write+0x75e/0x8e0
[   98.196742][ T6228]  ? __rcu_read_unlock+0x4f/0x70
[   98.196769][ T6228]  ? __fget_files+0x184/0x1c0
[   98.196799][ T6228]  __secure_computing+0x82/0x150
[   98.196853][ T6228]  syscall_trace_enter+0xcf/0x1e0
[   98.196886][ T6228]  do_syscall_64+0xac/0x200
[   98.196910][ T6228]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.197042][ T6228]  ? clear_bhb_loop+0x40/0x90
[   98.197071][ T6228]  ? clear_bhb_loop+0x40/0x90
[   98.197094][ T6228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.197121][ T6228] RIP: 0033:0x7fb4c62fe929
[   98.197142][ T6228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.197191][ T6228] RSP: 002b:00007fb4c4967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   98.197216][ T6228] RAX: ffffffffffffffda RBX: 00007fb4c6525fa0 RCX: 00007fb4c62fe929
[   98.197232][ T6228] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000009
[   98.197311][ T6228] RBP: 00007fb4c4967090 R08: 0000000000000000 R09: 0000000000000000
[   98.197324][ T6228] R10: 0000000000005412 R11: 0000000000000246 R12: 0000000000000001
[   98.197340][ T6228] R13: 0000000000000000 R14: 00007fb4c6525fa0 R15: 00007ffd60dbb0a8
[   98.197363][ T6228]  </TASK>
[   98.454754][ T6228] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[   98.461529][ T6228] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   98.469563][ T6228] vhci_hcd vhci_hcd.0: Device attached
[   98.581026][ T6230] can: request_module (can-proto-0) failed.
[   98.643521][ T6233] vhci_hcd: connection closed
[   98.671608][   T10] vhci_hcd: vhci_device speed not set
[   98.698811][   T12] vhci_hcd: stop threads
[   98.703689][   T12] vhci_hcd: release socket
[   98.708426][   T12] vhci_hcd: disconnect device
[   98.751055][   T10] usb 3-1: new full-speed USB device number 2 using vhci_hcd
[   98.776053][   T10] usb 3-1: enqueue for inactive port 0
[   98.800660][   T10] usb 3-1: enqueue for inactive port 0
[   98.803893][ T6253] can: request_module (can-proto-0) failed.
[   98.826279][   T10] usb 3-1: enqueue for inactive port 0
[   98.856897][ T6253] netlink: 'syz.3.855': attribute type 29 has an invalid length.
[   98.864962][ T6253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.855'.
[   98.912121][   T10] vhci_hcd: vhci_device speed not set
[   99.017722][ T6280] loop2: detected capacity change from 0 to 1024
[   99.033403][ T6280] EXT4-fs: Ignoring removed nobh option
[   99.039168][ T6280] EXT4-fs: Ignoring removed bh option
[   99.076160][ T6280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.355531][ T6294] netlink: 76 bytes leftover after parsing attributes in process `syz.2.866'.
[   99.538506][ T6280] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.866: Allocating blocks 497-513 which overlap fs metadata
[   99.582575][ T6289] wg1 speed is unknown, defaulting to 1000
[   99.587048][ T6280] EXT4-fs (loop2): pa ffff888106e702a0: logic 256, phys. 369, len 9
[   99.597104][ T6280] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   99.618179][ T6305] loop5: detected capacity change from 0 to 256
[   99.624716][ T6280] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[   99.630426][ T6307] netlink: 12 bytes leftover after parsing attributes in process `syz.3.876'.
[   99.754714][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.764663][ T6313] can: request_module (can-proto-0) failed.
[   99.799644][ T6313] netlink: 'syz.5.878': attribute type 29 has an invalid length.
[   99.807738][ T6313] netlink: 4 bytes leftover after parsing attributes in process `syz.5.878'.
[   99.944511][ T6313] loop5: detected capacity change from 0 to 8192
[  100.035714][ T6338] loop2: detected capacity change from 0 to 256
[  100.111962][ T6344] loop5: detected capacity change from 0 to 164
[  100.159218][ T6344] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  100.344746][ T6355] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  100.420065][ T6355] Symlink component flag not implemented
[  100.425995][ T6355] Symlink component flag not implemented
[  100.452877][ T6361] netlink: 'syz.3.896': attribute type 29 has an invalid length.
[  100.461262][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.3.896'.
[  100.530501][ T6355] Symlink component flag not implemented (7)
[  100.536996][ T6355] Symlink component flag not implemented (116)
[  100.590563][ T6359] can: request_module (can-proto-0) failed.
[  100.769701][ T6367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.898'.
[  100.943575][ T6386] loop5: detected capacity change from 0 to 1024
[  100.953696][ T6386] EXT4-fs: Ignoring removed nobh option
[  100.959698][ T6386] EXT4-fs: Ignoring removed bh option
[  101.008946][ T6386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.055769][   T30] kauditd_printk_skb: 520 callbacks suppressed
[  101.055803][   T30] audit: type=1326 audit(1750596687.371:4563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.115174][ T6392] loop2: detected capacity change from 0 to 8192
[  101.122879][   T30] audit: type=1326 audit(1750596687.371:4564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.149383][   T30] audit: type=1326 audit(1750596687.371:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.175220][   T30] audit: type=1326 audit(1750596687.371:4566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.201605][   T30] audit: type=1326 audit(1750596687.371:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.206929][ T6402] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  101.227264][   T30] audit: type=1326 audit(1750596687.371:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.235188][ T6402] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  101.259825][   T30] audit: type=1326 audit(1750596687.371:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.292675][   T30] audit: type=1326 audit(1750596687.371:4570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.317814][   T30] audit: type=1326 audit(1750596687.371:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.343928][   T30] audit: type=1326 audit(1750596687.411:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6385 comm="syz.5.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  101.388827][ T6386] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.907: Allocating blocks 273-513 which overlap fs metadata
[  101.407002][ T6386] EXT4-fs (loop5): pa ffff888106e27770: logic 0, phys. 257, len 16
[  101.415822][ T6386] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 1, pa_free 16
[  101.424949][ T6403] wg1 speed is unknown, defaulting to 1000
[  101.430379][ T3522]  loop2: p1 p3 p4
[  101.439762][ T3522] loop2: p1 size 8390912 extends beyond EOD, truncated
[  101.516642][ T3522] loop2: p3 size 589824 extends beyond EOD, truncated
[  101.566624][ T6392]  loop2: p1 p3 p4
[  101.571328][ T6392] loop2: p1 size 8390912 extends beyond EOD, truncated
[  101.580262][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.598704][ T6392] loop2: p3 size 589824 extends beyond EOD, truncated
[  101.617393][ T6415] can: request_module (can-proto-0) failed.
[  101.813463][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  101.838330][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  101.853420][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  101.899812][ T6432] loop4: detected capacity change from 0 to 164
[  101.935689][ T6432] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  101.972656][ T6432] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  101.977093][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  101.983749][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  102.011212][ T6432] Symlink component flag not implemented
[  102.017766][ T6432] Symlink component flag not implemented
[  102.041074][ T6432] Symlink component flag not implemented (7)
[  102.047902][ T6432] Symlink component flag not implemented (116)
[  102.058178][ T6441] loop2: detected capacity change from 0 to 8192
[  102.084526][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  102.153321][ T6441]  loop2: p1 p3 p4
[  102.157734][ T6441] loop2: p1 size 8390912 extends beyond EOD, truncated
[  102.178064][ T6441] loop2: p3 size 589824 extends beyond EOD, truncated
[  102.398047][ T6466] can: request_module (can-proto-0) failed.
[  102.405655][ T3532] udevd[3532]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  102.407675][ T3522] udevd[3522]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  102.417967][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  102.498904][ T6473] loop2: detected capacity change from 0 to 164
[  102.526614][ T6466] loop4: detected capacity change from 0 to 8192
[  102.534932][ T6473] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.559368][ T6476] loop5: detected capacity change from 0 to 512
[  102.583249][ T6473] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.594161][ T6476] EXT4-fs: dax option not supported
[  102.614183][ T6473] Symlink component flag not implemented
[  102.620105][ T6473] Symlink component flag not implemented
[  102.636035][ T6476] __nla_validate_parse: 4 callbacks suppressed
[  102.636051][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.5.939'.
[  102.637426][ T6478] Cannot find add_set index 0 as target
[  102.674320][ T6473] Symlink component flag not implemented (7)
[  102.680845][ T6473] Symlink component flag not implemented (116)
[  102.697201][ T6480] loop4: detected capacity change from 0 to 256
[  102.892444][ T6500] netlink: 'syz.5.950': attribute type 21 has an invalid length.
[  102.900257][ T6500] netlink: 156 bytes leftover after parsing attributes in process `syz.5.950'.
[  102.947542][ T6505] can: request_module (can-proto-0) failed.
[  102.988525][ T6510] netlink: 12 bytes leftover after parsing attributes in process `syz.5.954'.
[  103.001365][ T6505] loop2: detected capacity change from 0 to 8192
[  103.113860][ T6516] netlink: 'syz.2.956': attribute type 7 has an invalid length.
[  103.126018][ T6510] loop5: detected capacity change from 0 to 8192
[  103.150585][ T6508] wg1 speed is unknown, defaulting to 1000
[  103.181336][ T3296]  loop5: p1 p3 p4
[  103.186156][ T3296] loop5: p1 size 8390912 extends beyond EOD, truncated
[  103.200259][ T3296] loop5: p3 size 589824 extends beyond EOD, truncated
[  103.216794][ T6510]  loop5: p1 p3 p4
[  103.220937][ T6510] loop5: p1 size 8390912 extends beyond EOD, truncated
[  103.238998][ T6510] loop5: p3 size 589824 extends beyond EOD, truncated
[  103.304103][ T6519] wg1 speed is unknown, defaulting to 1000
[  103.332666][ T6524] can: request_module (can-proto-0) failed.
[  103.390266][ T6524] netlink: 'syz.1.958': attribute type 29 has an invalid length.
[  103.398142][ T6524] netlink: 4 bytes leftover after parsing attributes in process `syz.1.958'.
[  103.537343][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  103.602877][ T6526] wg1 speed is unknown, defaulting to 1000
[  103.648352][ T6541] can: request_module (can-proto-0) failed.
[  103.719910][ T6541] loop5: detected capacity change from 0 to 8192
[  103.837401][ T6561] can: request_module (can-proto-0) failed.
[  103.882731][ T6561] netlink: 'syz.3.973': attribute type 29 has an invalid length.
[  103.890541][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.973'.
[  104.067468][ T6584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.984'.
[  104.079590][ T6580] can: request_module (can-proto-0) failed.
[  104.183447][ T6596] loop5: detected capacity change from 0 to 256
[  104.226513][ T6584] loop2: detected capacity change from 0 to 8192
[  104.293228][ T6584]  loop2: p1 p3 p4
[  104.297133][ T6584] loop2: p1 size 8390912 extends beyond EOD, truncated
[  104.305730][ T6604] loop5: detected capacity change from 0 to 164
[  104.324586][ T6604] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  104.353150][ T6604] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  104.361322][ T6584] loop2: p3 size 589824 extends beyond EOD, truncated
[  104.363762][ T6604] Symlink component flag not implemented
[  104.373907][ T6604] Symlink component flag not implemented
[  104.376417][ T6598] wg1 speed is unknown, defaulting to 1000
[  104.383438][ T6604] Symlink component flag not implemented (7)
[  104.391621][ T6604] Symlink component flag not implemented (116)
[  104.429405][ T2996]  loop2: p1 p3 p4
[  104.433698][ T2996] loop2: p1 size 8390912 extends beyond EOD, truncated
[  104.458976][ T6612] can: request_module (can-proto-0) failed.
[  104.469690][ T2996] loop2: p3 size 589824 extends beyond EOD, truncated
[  104.492151][ T6612] netlink: 'syz.4.996': attribute type 29 has an invalid length.
[  104.500149][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.996'.
[  104.589497][ T6624] FAULT_INJECTION: forcing a failure.
[  104.589497][ T6624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.603718][ T6624] CPU: 1 UID: 0 PID: 6624 Comm: syz.2.1001 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  104.603761][ T6624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.603779][ T6624] Call Trace:
[  104.603789][ T6624]  <TASK>
[  104.603802][ T6624]  __dump_stack+0x1d/0x30
[  104.603831][ T6624]  dump_stack_lvl+0xe8/0x140
[  104.603897][ T6624]  dump_stack+0x15/0x1b
[  104.603922][ T6624]  should_fail_ex+0x265/0x280
[  104.604003][ T6624]  should_fail+0xb/0x20
[  104.604041][ T6624]  should_fail_usercopy+0x1a/0x20
[  104.604153][ T6624]  _copy_from_user+0x1c/0xb0
[  104.604236][ T6624]  ___sys_sendmsg+0xc1/0x1d0
[  104.604304][ T6624]  __sys_sendmmsg+0x178/0x300
[  104.604368][ T6624]  __x64_sys_sendmmsg+0x57/0x70
[  104.604408][ T6624]  x64_sys_call+0x2f2f/0x2fb0
[  104.604545][ T6624]  do_syscall_64+0xd2/0x200
[  104.604576][ T6624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.604615][ T6624]  ? clear_bhb_loop+0x40/0x90
[  104.604670][ T6624]  ? clear_bhb_loop+0x40/0x90
[  104.604713][ T6624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.604789][ T6624] RIP: 0033:0x7fb58ef7e929
[  104.604813][ T6624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.604840][ T6624] RSP: 002b:00007fb58d5e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  104.604875][ T6624] RAX: ffffffffffffffda RBX: 00007fb58f1a5fa0 RCX: 00007fb58ef7e929
[  104.604893][ T6624] RDX: 0000000000000002 RSI: 0000200000008d00 RDI: 0000000000000003
[  104.604910][ T6624] RBP: 00007fb58d5e7090 R08: 0000000000000000 R09: 0000000000000000
[  104.604924][ T6624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.604938][ T6624] R13: 0000000000000000 R14: 00007fb58f1a5fa0 R15: 00007ffdd0baa2b8
[  104.604959][ T6624]  </TASK>
[  104.954954][ T6641] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1009'.
[  105.078005][ T6655] loop5: detected capacity change from 0 to 1024
[  105.091874][ T6655] EXT4-fs: Ignoring removed nobh option
[  105.097548][ T6655] EXT4-fs: Ignoring removed bh option
[  105.131438][ T6655] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.208853][ T6667] netdevsim netdevsim4: Direct firmware load for ..€ failed with error -2
[  105.211386][ T6664] can: request_module (can-proto-0) failed.
[  105.226858][ T6664] netlink: 'syz.1.1017': attribute type 29 has an invalid length.
[  105.235039][ T6664] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1017'.
[  105.289523][ T6655] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1015: Allocating blocks 273-513 which overlap fs metadata
[  105.310196][ T6655] EXT4-fs (loop5): pa ffff888106e27770: logic 0, phys. 257, len 16
[  105.312090][ T6670] loop9: detected capacity change from 0 to 7
[  105.318262][ T6655] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 1, pa_free 16
[  105.337002][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.345364][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.352488][ T6668] wg1 speed is unknown, defaulting to 1000
[  105.353426][ T3522]  loop9: unable to read partition table
[  105.367767][ T6670] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.389804][ T6670] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.397863][ T6670]  loop9: unable to read partition table
[  105.406790][ T6670] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  105.406790][ T6670] 
) failed (rc=-5)
[  105.420921][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.429388][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.453884][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.464034][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.479445][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.480825][ T3522] Buffer I/O error on dev loop9, logical block 0, async page read
[  105.593219][ T6689] loop5: detected capacity change from 0 to 164
[  105.623135][ T6689] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  105.648252][ T6690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1026'.
[  105.729776][ T6689] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  105.744811][ T6689] Symlink component flag not implemented
[  105.750734][ T6689] Symlink component flag not implemented
[  105.763438][ T6689] Symlink component flag not implemented (7)
[  105.769959][ T6689] Symlink component flag not implemented (116)
[  105.781693][ T6699] netlink: 'syz.3.1030': attribute type 21 has an invalid length.
[  106.090224][ T6717] wg1 speed is unknown, defaulting to 1000
[  106.137029][ T6726] netlink: 'syz.5.1041': attribute type 21 has an invalid length.
[  106.193234][ T6730] loop5: detected capacity change from 0 to 164
[  106.204206][ T6730] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  106.221057][ T6730] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  106.230448][ T6730] Symlink component flag not implemented
[  106.236323][ T6730] Symlink component flag not implemented
[  106.256396][ T6730] Symlink component flag not implemented (7)
[  106.262666][ T6730] Symlink component flag not implemented (116)
[  106.324444][   T30] kauditd_printk_skb: 663 callbacks suppressed
[  106.324462][   T30] audit: type=1326 audit(1750596692.641:5236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.364486][   T30] audit: type=1326 audit(1750596692.641:5237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.388399][   T30] audit: type=1326 audit(1750596692.681:5238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.412318][   T30] audit: type=1326 audit(1750596692.681:5239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.436451][   T30] audit: type=1326 audit(1750596692.681:5240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.460712][   T30] audit: type=1326 audit(1750596692.681:5241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.484485][   T30] audit: type=1326 audit(1750596692.681:5242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.507945][   T30] audit: type=1326 audit(1750596692.681:5243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6733 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  106.568303][   T30] audit: type=1326 audit(1750596692.881:5244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.1048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  106.592227][   T30] audit: type=1326 audit(1750596692.881:5245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6746 comm="syz.1.1048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  106.770661][ T6757] loop5: detected capacity change from 0 to 1024
[  106.790216][ T6757] EXT4-fs: Ignoring removed nobh option
[  106.796000][ T6757] EXT4-fs: Ignoring removed bh option
[  106.840751][ T6768] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=6768 comm=syz.1.1054
[  106.907399][ T6757] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.059623][ T6757] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1053: Allocating blocks 497-513 which overlap fs metadata
[  107.095055][ T6793] netlink: 'syz.2.1066': attribute type 21 has an invalid length.
[  107.108599][ T6757] EXT4-fs (loop5): pa ffff888106e702a0: logic 256, phys. 369, len 9
[  107.116831][ T6757] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  107.130914][ T6785] wg1 speed is unknown, defaulting to 1000
[  107.156886][ T6757] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  107.157315][ T6801] FAULT_INJECTION: forcing a failure.
[  107.157315][ T6801] name failslab, interval 1, probability 0, space 0, times 0
[  107.184404][ T6801] CPU: 1 UID: 0 PID: 6801 Comm: syz.4.1069 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  107.184474][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.184491][ T6801] Call Trace:
[  107.184499][ T6801]  <TASK>
[  107.184508][ T6801]  __dump_stack+0x1d/0x30
[  107.184537][ T6801]  dump_stack_lvl+0xe8/0x140
[  107.184563][ T6801]  dump_stack+0x15/0x1b
[  107.184586][ T6801]  should_fail_ex+0x265/0x280
[  107.184691][ T6801]  ? audit_log_d_path+0x8d/0x150
[  107.184734][ T6801]  should_failslab+0x8c/0xb0
[  107.184765][ T6801]  __kmalloc_cache_noprof+0x4c/0x320
[  107.184805][ T6801]  audit_log_d_path+0x8d/0x150
[  107.184927][ T6801]  audit_log_d_path_exe+0x42/0x70
[  107.185048][ T6801]  audit_log_task+0x1e9/0x250
[  107.185081][ T6801]  audit_seccomp+0x61/0x100
[  107.185143][ T6801]  ? __seccomp_filter+0x68c/0x10d0
[  107.185172][ T6801]  __seccomp_filter+0x69d/0x10d0
[  107.185274][ T6801]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  107.185308][ T6801]  ? vfs_write+0x75e/0x8e0
[  107.185363][ T6801]  __secure_computing+0x82/0x150
[  107.185393][ T6801]  syscall_trace_enter+0xcf/0x1e0
[  107.185426][ T6801]  do_syscall_64+0xac/0x200
[  107.185465][ T6801]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.185490][ T6801]  ? clear_bhb_loop+0x40/0x90
[  107.185515][ T6801]  ? clear_bhb_loop+0x40/0x90
[  107.185544][ T6801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.185571][ T6801] RIP: 0033:0x7f772b16e929
[  107.185655][ T6801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.185678][ T6801] RSP: 002b:00007f77297d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  107.185702][ T6801] RAX: ffffffffffffffda RBX: 00007f772b395fa0 RCX: 00007f772b16e929
[  107.185718][ T6801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.185748][ T6801] RBP: 00007f77297d7090 R08: 0000000000000000 R09: 0000000000000000
[  107.185763][ T6801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.185778][ T6801] R13: 0000000000000000 R14: 00007f772b395fa0 R15: 00007fff079759a8
[  107.185802][ T6801]  </TASK>
[  107.425758][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.609724][ T6825] loop2: detected capacity change from 0 to 2048
[  107.647213][ T3522]  loop2: p2 p3 p7
[  107.679775][ T6825]  loop2: p2 p3 p7
[  107.740092][ T6834] loop5: detected capacity change from 0 to 1024
[  107.754158][ T6834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.803967][ T6834] ipvlan2: entered promiscuous mode
[  107.811553][ T6834] bridge0: port 3(ipvlan2) entered blocking state
[  107.818152][ T6834] bridge0: port 3(ipvlan2) entered disabled state
[  107.825275][ T6834] ipvlan2: entered allmulticast mode
[  107.830616][ T6834] bridge0: entered allmulticast mode
[  107.837071][ T6834] ipvlan2: left allmulticast mode
[  107.842221][ T6834] bridge0: left allmulticast mode
[  107.905545][ T6841] loop4: detected capacity change from 0 to 512
[  107.914898][ T6841] EXT4-fs: dax option not supported
[  107.942826][ T6841] __nla_validate_parse: 18 callbacks suppressed
[  107.942848][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1085'.
[  107.966367][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.029786][ T6849] netlink: 'syz.1.1089': attribute type 21 has an invalid length.
[  108.037859][ T6849] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1089'.
[  108.133748][ T6859] loop4: detected capacity change from 0 to 256
[  108.149358][ T6861] netdevsim netdevsim1: Direct firmware load for ..€ failed with error -2
[  108.178366][ T6854] wg1 speed is unknown, defaulting to 1000
[  108.468692][ T6884] netlink: 'syz.4.1102': attribute type 21 has an invalid length.
[  108.476754][ T6884] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1102'.
[  108.552692][ T6889] FAULT_INJECTION: forcing a failure.
[  108.552692][ T6889] name failslab, interval 1, probability 0, space 0, times 0
[  108.565771][ T6889] CPU: 0 UID: 0 PID: 6889 Comm: syz.5.1105 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  108.565850][ T6889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.565865][ T6889] Call Trace:
[  108.565872][ T6889]  <TASK>
[  108.565882][ T6889]  __dump_stack+0x1d/0x30
[  108.565909][ T6889]  dump_stack_lvl+0xe8/0x140
[  108.565930][ T6889]  dump_stack+0x15/0x1b
[  108.565957][ T6889]  should_fail_ex+0x265/0x280
[  108.565988][ T6889]  should_failslab+0x8c/0xb0
[  108.566024][ T6889]  __kmalloc_noprof+0xa5/0x3e0
[  108.566058][ T6889]  ? devlink_nl_notify_filter_set_doit+0xab/0x290
[  108.566084][ T6889]  devlink_nl_notify_filter_set_doit+0xab/0x290
[  108.566114][ T6889]  genl_family_rcv_msg_doit+0x140/0x1b0
[  108.566180][ T6889]  genl_rcv_msg+0x422/0x460
[  108.566208][ T6889]  ? __pfx_devlink_nl_notify_filter_set_doit+0x10/0x10
[  108.566237][ T6889]  netlink_rcv_skb+0x120/0x220
[  108.566278][ T6889]  ? __pfx_genl_rcv_msg+0x10/0x10
[  108.566345][ T6889]  genl_rcv+0x28/0x40
[  108.566367][ T6889]  netlink_unicast+0x59e/0x670
[  108.566402][ T6889]  netlink_sendmsg+0x58b/0x6b0
[  108.566465][ T6889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.566537][ T6889]  __sock_sendmsg+0x142/0x180
[  108.566780][ T6889]  ____sys_sendmsg+0x31e/0x4e0
[  108.566828][ T6889]  ___sys_sendmsg+0x17b/0x1d0
[  108.566895][ T6889]  __x64_sys_sendmsg+0xd4/0x160
[  108.566998][ T6889]  x64_sys_call+0x2999/0x2fb0
[  108.567026][ T6889]  do_syscall_64+0xd2/0x200
[  108.567056][ T6889]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.567089][ T6889]  ? clear_bhb_loop+0x40/0x90
[  108.567171][ T6889]  ? clear_bhb_loop+0x40/0x90
[  108.567200][ T6889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.567227][ T6889] RIP: 0033:0x7f3dc2dbe929
[  108.567242][ T6889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.567313][ T6889] RSP: 002b:00007f3dc1427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.567331][ T6889] RAX: ffffffffffffffda RBX: 00007f3dc2fe5fa0 RCX: 00007f3dc2dbe929
[  108.567346][ T6889] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  108.567361][ T6889] RBP: 00007f3dc1427090 R08: 0000000000000000 R09: 0000000000000000
[  108.567376][ T6889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.567392][ T6889] R13: 0000000000000000 R14: 00007f3dc2fe5fa0 R15: 00007ffe302cf0c8
[  108.567411][ T6889]  </TASK>
[  108.892684][ T3522] printk: udevd: 57 output lines suppressed due to ratelimiting
[  108.917760][ T6895] loop2: detected capacity change from 0 to 1024
[  108.948125][ T6895] EXT4-fs: Ignoring removed nobh option
[  108.953853][ T6895] EXT4-fs: Ignoring removed bh option
[  108.961369][ T6898] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  109.141177][ T6916] can: request_module (can-proto-0) failed.
[  109.152933][ T6916] netlink: 'syz.4.1117': attribute type 29 has an invalid length.
[  109.160852][ T6916] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1117'.
[  109.177370][ T6919] can: request_module (can-proto-0) failed.
[  109.253006][ T6895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.304270][ T6916] loop4: detected capacity change from 0 to 8192
[  109.420253][ T6928] wg1 speed is unknown, defaulting to 1000
[  109.441624][ T6895] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1108: Allocating blocks 497-513 which overlap fs metadata
[  109.474020][ T6931] loop4: detected capacity change from 0 to 2048
[  109.481830][ T6895] EXT4-fs (loop2): pa ffff888106e277e0: logic 256, phys. 369, len 9
[  109.489929][ T6895] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  109.501377][ T6895] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  109.575733][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.611436][ T6940] loop2: detected capacity change from 0 to 164
[  109.619214][ T6936] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1123'.
[  109.630516][ T6940] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.650129][ T6940] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.656297][ T6941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1119'.
[  109.658938][ T6940] Symlink component flag not implemented
[  109.673182][ T6940] Symlink component flag not implemented
[  109.695651][ T6940] Symlink component flag not implemented (7)
[  109.701765][ T6940] Symlink component flag not implemented (116)
[  109.772235][ T6952] loop2: detected capacity change from 0 to 256
[  110.100576][ T6987] can: request_module (can-proto-0) failed.
[  110.288486][ T7003] netlink: 'syz.4.1151': attribute type 21 has an invalid length.
[  110.296639][ T7003] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1151'.
[  110.488194][ T7032] loop2: detected capacity change from 0 to 256
[  110.522920][ T7033] loop4: detected capacity change from 0 to 512
[  110.526857][ T7037] loop5: detected capacity change from 0 to 164
[  110.537743][ T7033] EXT4-fs: dax option not supported
[  110.552412][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1163'.
[  110.561223][ T7037] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.596770][ T7030] wg1 speed is unknown, defaulting to 1000
[  110.605938][ T7037] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.665148][ T7037] Symlink component flag not implemented
[  110.670912][ T7037] Symlink component flag not implemented
[  110.692002][ T7037] Symlink component flag not implemented (7)
[  110.698314][ T7037] Symlink component flag not implemented (116)
[  110.807025][ T7063] netlink: 'syz.4.1177': attribute type 21 has an invalid length.
[  110.815112][ T7063] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1177'.
[  110.856227][ T7069] loop5: detected capacity change from 0 to 1024
[  110.863309][ T7069] EXT4-fs: Ignoring removed nobh option
[  110.869023][ T7069] EXT4-fs: Ignoring removed bh option
[  110.895234][ T7069] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.956651][ T7074] SELinux:  Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped).
[  110.984583][ T7090] loop4: detected capacity change from 0 to 164
[  110.997585][ T7090] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  111.037400][ T7090] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  111.046918][ T7090] Symlink component flag not implemented
[  111.052639][ T7090] Symlink component flag not implemented
[  111.066677][ T7069] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1180: Allocating blocks 497-513 which overlap fs metadata
[  111.083569][ T7090] Symlink component flag not implemented (7)
[  111.089639][ T7090] Symlink component flag not implemented (116)
[  111.129456][ T7069] EXT4-fs (loop5): pa ffff888106e277e0: logic 256, phys. 369, len 9
[  111.138042][ T7069] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  111.169965][ T7093] wg1 speed is unknown, defaulting to 1000
[  111.176479][ T7069] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  111.263970][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.377889][   T30] kauditd_printk_skb: 622 callbacks suppressed
[  111.377909][   T30] audit: type=1400 audit(1750596697.691:5868): avc:  denied  { create } for  pid=7122 comm="syz.4.1202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  111.453254][   T30] audit: type=1400 audit(1750596697.731:5869): avc:  denied  { write } for  pid=7122 comm="syz.4.1202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  111.473638][   T30] audit: type=1400 audit(1750596697.731:5870): avc:  denied  { nlmsg_write } for  pid=7122 comm="syz.4.1202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  111.475066][ T7127] can: request_module (can-proto-0) failed.
[  111.563829][   T30] audit: type=1326 audit(1750596697.871:5871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7133 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  111.587574][   T30] audit: type=1326 audit(1750596697.871:5872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7133 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  111.587918][ T7140] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1209'.
[  111.611218][   T30] audit: type=1400 audit(1750596697.871:5873): avc:  denied  { watch } for  pid=7139 comm="syz.1.1209" path="/246/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  111.646846][   T30] audit: type=1400 audit(1750596697.871:5874): avc:  denied  { read } for  pid=7139 comm="syz.1.1209" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  111.650042][ T7143] xt_l2tp: v2 doesn't support IP mode
[  111.669923][   T30] audit: type=1400 audit(1750596697.871:5875): avc:  denied  { open } for  pid=7139 comm="syz.1.1209" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  111.669962][   T30] audit: type=1400 audit(1750596697.871:5876): avc:  denied  { bind } for  pid=7137 comm="syz.3.1208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  111.718088][   T30] audit: type=1400 audit(1750596697.871:5877): avc:  denied  { name_bind } for  pid=7137 comm="syz.3.1208" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  111.934213][ T7169] loop5: detected capacity change from 0 to 256
[  111.952526][ T7127] loop4: detected capacity change from 0 to 8192
[  112.010155][ T7174] loop5: detected capacity change from 0 to 128
[  112.064314][ T7174] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.090450][ T7174] ext4 filesystem being mounted at /223/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  112.105914][ T7183] FAULT_INJECTION: forcing a failure.
[  112.105914][ T7183] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  112.136252][ T7183] CPU: 0 UID: 0 PID: 7183 Comm: syz.1.1225 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  112.136291][ T7183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.136385][ T7183] Call Trace:
[  112.136394][ T7183]  <TASK>
[  112.136405][ T7183]  __dump_stack+0x1d/0x30
[  112.136433][ T7183]  dump_stack_lvl+0xe8/0x140
[  112.136458][ T7183]  dump_stack+0x15/0x1b
[  112.136479][ T7183]  should_fail_ex+0x265/0x280
[  112.136518][ T7183]  should_fail_alloc_page+0xf2/0x100
[  112.136580][ T7183]  alloc_pages_bulk_noprof+0xef/0x540
[  112.136628][ T7183]  copy_splice_read+0xf3/0x5f0
[  112.136756][ T7183]  ? __pfx_shmem_file_splice_read+0x10/0x10
[  112.136785][ T7183]  splice_direct_to_actor+0x290/0x680
[  112.136842][ T7183]  ? __pfx_direct_splice_actor+0x10/0x10
[  112.136879][ T7183]  do_splice_direct+0xda/0x150
[  112.136909][ T7183]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  112.136967][ T7183]  do_sendfile+0x380/0x650
[  112.137002][ T7183]  __x64_sys_sendfile64+0x105/0x150
[  112.137052][ T7183]  x64_sys_call+0xb39/0x2fb0
[  112.137078][ T7183]  do_syscall_64+0xd2/0x200
[  112.137158][ T7183]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.137193][ T7183]  ? clear_bhb_loop+0x40/0x90
[  112.137222][ T7183]  ? clear_bhb_loop+0x40/0x90
[  112.137252][ T7183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.137342][ T7183] RIP: 0033:0x7fb4c62fe929
[  112.137359][ T7183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.137390][ T7183] RSP: 002b:00007fb4c4967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  112.137418][ T7183] RAX: ffffffffffffffda RBX: 00007fb4c6525fa0 RCX: 00007fb4c62fe929
[  112.137434][ T7183] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[  112.137448][ T7183] RBP: 00007fb4c4967090 R08: 0000000000000000 R09: 0000000000000000
[  112.137460][ T7183] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  112.137476][ T7183] R13: 0000000000000000 R14: 00007fb4c6525fa0 R15: 00007ffd60dbb0a8
[  112.137499][ T7183]  </TASK>
[  112.400217][ T3686] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  112.456475][ T7195] loop5: detected capacity change from 0 to 1024
[  112.478960][ T7195] EXT4-fs: Ignoring removed nobh option
[  112.484760][ T7195] EXT4-fs: Ignoring removed bh option
[  112.559128][ T7195] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.605072][ T7207] can: request_module (can-proto-0) failed.
[  112.613895][ T7207] netlink: 'syz.4.1232': attribute type 29 has an invalid length.
[  112.718868][ T7207] loop4: detected capacity change from 0 to 8192
[  112.824064][ T7195] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1228: Allocating blocks 497-513 which overlap fs metadata
[  112.852870][ T7220] loop2: detected capacity change from 0 to 164
[  112.860135][ T7214] wg1 speed is unknown, defaulting to 1000
[  112.869566][ T7220] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  112.881740][ T7195] EXT4-fs (loop5): pa ffff888106e277e0: logic 256, phys. 369, len 9
[  112.889816][ T7195] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  112.912828][ T7220] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  112.923034][ T7220] Symlink component flag not implemented
[  112.928938][ T7220] Symlink component flag not implemented
[  112.934787][ T7220] Symlink component flag not implemented (7)
[  112.940809][ T7220] Symlink component flag not implemented (116)
[  112.953894][ T7195] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  113.088546][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.116387][ T7246] can: request_module (can-proto-0) failed.
[  113.130021][ T7249] __nla_validate_parse: 2 callbacks suppressed
[  113.130038][ T7249] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1248'.
[  113.149125][ T7246] netlink: 'syz.3.1247': attribute type 29 has an invalid length.
[  113.157164][ T7246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1247'.
[  113.229692][ T7250] wg1 speed is unknown, defaulting to 1000
[  113.484160][ T7274] loop4: detected capacity change from 0 to 256
[  113.613965][ T7282] loop4: detected capacity change from 0 to 2048
[  113.659874][ T7295] loop5: detected capacity change from 0 to 164
[  113.666534][ T7282]  loop4: p2 p3 p7
[  113.670645][ T7295] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  113.686658][ T7295] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  113.695389][ T7295] Symlink component flag not implemented
[  113.701142][ T7295] Symlink component flag not implemented
[  113.707275][ T7295] Symlink component flag not implemented (7)
[  113.713341][ T7295] Symlink component flag not implemented (116)
[  113.894671][ T7305] can: request_module (can-proto-0) failed.
[  113.901997][ T7305] netlink: 'syz.2.1269': attribute type 29 has an invalid length.
[  113.909930][ T7305] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1269'.
[  113.948958][ T7308] loop5: detected capacity change from 0 to 256
[  113.961702][ T7305] loop2: detected capacity change from 0 to 8192
[  114.165403][ T7332] loop5: detected capacity change from 0 to 1024
[  114.172361][ T7332] EXT4-fs: Ignoring removed nobh option
[  114.177974][ T7332] EXT4-fs: Ignoring removed bh option
[  114.193476][ T7332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.273071][ T7339] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1282: Allocating blocks 497-513 which overlap fs metadata
[  114.287981][ T7339] EXT4-fs (loop5): pa ffff888106e277e0: logic 256, phys. 369, len 9
[  114.296166][ T7339] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  114.311398][ T7339] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  114.340612][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.357673][ T7347] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1288'.
[  114.396309][ T7347] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  114.547386][ T7367] FAULT_INJECTION: forcing a failure.
[  114.547386][ T7367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.560710][ T7367] CPU: 1 UID: 0 PID: 7367 Comm: syz.3.1289 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  114.560855][ T7367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.560879][ T7367] Call Trace:
[  114.560888][ T7367]  <TASK>
[  114.560899][ T7367]  __dump_stack+0x1d/0x30
[  114.560945][ T7367]  dump_stack_lvl+0xe8/0x140
[  114.561053][ T7367]  dump_stack+0x15/0x1b
[  114.561079][ T7367]  should_fail_ex+0x265/0x280
[  114.561123][ T7367]  should_fail+0xb/0x20
[  114.561209][ T7367]  should_fail_usercopy+0x1a/0x20
[  114.561253][ T7367]  _copy_to_user+0x20/0xa0
[  114.561285][ T7367]  simple_read_from_buffer+0xb5/0x130
[  114.561361][ T7367]  proc_fail_nth_read+0x100/0x140
[  114.561389][ T7367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  114.561439][ T7367]  vfs_read+0x1a0/0x6f0
[  114.561480][ T7367]  ? __rcu_read_unlock+0x4f/0x70
[  114.561591][ T7367]  ? __rcu_read_unlock+0x4f/0x70
[  114.561623][ T7367]  ? __fget_files+0x184/0x1c0
[  114.561656][ T7367]  ksys_read+0xda/0x1a0
[  114.561704][ T7367]  __x64_sys_read+0x40/0x50
[  114.561802][ T7367]  x64_sys_call+0x2d77/0x2fb0
[  114.561838][ T7367]  do_syscall_64+0xd2/0x200
[  114.561864][ T7367]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.561928][ T7367]  ? clear_bhb_loop+0x40/0x90
[  114.562007][ T7367]  ? clear_bhb_loop+0x40/0x90
[  114.562039][ T7367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.562141][ T7367] RIP: 0033:0x7f3dc06cd33c
[  114.562160][ T7367] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  114.562183][ T7367] RSP: 002b:00007f3dbecf5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  114.562209][ T7367] RAX: ffffffffffffffda RBX: 00007f3dc08f6160 RCX: 00007f3dc06cd33c
[  114.562227][ T7367] RDX: 000000000000000f RSI: 00007f3dbecf50a0 RDI: 000000000000000b
[  114.562292][ T7367] RBP: 00007f3dbecf5090 R08: 0000000000000000 R09: 0000000000000000
[  114.562310][ T7367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.562327][ T7367] R13: 0000000000000000 R14: 00007f3dc08f6160 R15: 00007ffcd4e8fa18
[  114.562357][ T7367]  </TASK>
[  114.805664][ T7373] can: request_module (can-proto-0) failed.
[  114.831830][ T7373] netlink: 'syz.2.1297': attribute type 29 has an invalid length.
[  114.839718][ T7373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1297'.
[  114.957219][ T7373] loop2: detected capacity change from 0 to 8192
[  115.055531][ T7395] loop4: detected capacity change from 0 to 512
[  115.070493][ T7395] EXT4-fs: dax option not supported
[  115.078788][ T7395] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1303'.
[  115.085656][ T7397] loop2: detected capacity change from 0 to 164
[  115.122275][ T7397] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.179108][ T7397] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.188141][ T7397] Symlink component flag not implemented
[  115.193976][ T7397] Symlink component flag not implemented
[  115.200728][ T7397] Symlink component flag not implemented (7)
[  115.206960][ T7397] Symlink component flag not implemented (116)
[  115.302823][ T7420] loop5: detected capacity change from 0 to 164
[  115.303332][ T7417] can: request_module (can-proto-0) failed.
[  115.316211][ T7420] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.320575][ T7417] netlink: 'syz.4.1314': attribute type 29 has an invalid length.
[  115.332524][ T7417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1314'.
[  115.341438][ T7420] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.341722][ T7420] Symlink component flag not implemented
[  115.355548][ T7420] Symlink component flag not implemented
[  115.362659][ T7420] Symlink component flag not implemented (7)
[  115.368716][ T7420] Symlink component flag not implemented (116)
[  115.421658][ T7417] loop4: detected capacity change from 0 to 8192
[  115.440872][ T7426] can: request_module (can-proto-0) failed.
[  115.451337][ T7428] netlink: 'syz.5.1316': attribute type 29 has an invalid length.
[  115.459285][ T7428] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1316'.
[  115.510310][ T7426] loop5: detected capacity change from 0 to 8192
[  115.655606][ T7438] loop5: detected capacity change from 0 to 512
[  115.674136][ T7438] EXT4-fs: dax option not supported
[  115.694404][ T7438] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1320'.
[  115.885521][ T7454] loop4: detected capacity change from 0 to 256
[  116.078660][ T7477] loop4: detected capacity change from 0 to 1024
[  116.088849][ T7477] EXT4-fs: Ignoring removed nobh option
[  116.094624][ T7477] EXT4-fs: Ignoring removed bh option
[  116.125981][ T7477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.237676][ T7486] loop5: detected capacity change from 0 to 2048
[  116.243964][ T7477] wg1 speed is unknown, defaulting to 1000
[  116.272923][ T7492] can: request_module (can-proto-0) failed.
[  116.281058][ T7490] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1336: Allocating blocks 497-513 which overlap fs metadata
[  116.315400][ T7492] netlink: 'syz.2.1343': attribute type 29 has an invalid length.
[  116.323502][ T7492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1343'.
[  116.336132][ T7490] EXT4-fs (loop4): pa ffff888106e27850: logic 256, phys. 369, len 9
[  116.344895][ T7490] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  116.356552][ T7486]  loop5: p2 p3 p7
[  116.363560][ T7490] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  116.394593][   T30] kauditd_printk_skb: 446 callbacks suppressed
[  116.394612][   T30] audit: type=1326 audit(1750596702.711:6324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.427760][ T7501] Cannot find add_set index 0 as target
[  116.434717][   T30] audit: type=1326 audit(1750596702.721:6325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7489 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb58ef7d3df code=0x7ffc0000
[  116.458710][   T30] audit: type=1326 audit(1750596702.751:6326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.482346][   T30] audit: type=1326 audit(1750596702.751:6327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.482594][ T7492] loop2: detected capacity change from 0 to 8192
[  116.505872][   T30] audit: type=1326 audit(1750596702.751:6328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.505913][   T30] audit: type=1326 audit(1750596702.751:6329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.506003][   T30] audit: type=1326 audit(1750596702.761:6330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.583002][   T30] audit: type=1326 audit(1750596702.761:6331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.606459][   T30] audit: type=1326 audit(1750596702.761:6332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.629925][   T30] audit: type=1326 audit(1750596702.761:6333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7499 comm="syz.1.1346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb4c62fe929 code=0x7ffc0000
[  116.657050][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.994714][ T7547] FAULT_INJECTION: forcing a failure.
[  116.994714][ T7547] name failslab, interval 1, probability 0, space 0, times 0
[  117.007662][ T7547] CPU: 1 UID: 0 PID: 7547 Comm: syz.4.1367 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  117.007777][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.007806][ T7547] Call Trace:
[  117.007814][ T7547]  <TASK>
[  117.007824][ T7547]  __dump_stack+0x1d/0x30
[  117.007850][ T7547]  dump_stack_lvl+0xe8/0x140
[  117.007875][ T7547]  dump_stack+0x15/0x1b
[  117.007971][ T7547]  should_fail_ex+0x265/0x280
[  117.008009][ T7547]  should_failslab+0x8c/0xb0
[  117.008059][ T7547]  kmem_cache_alloc_noprof+0x50/0x310
[  117.008093][ T7547]  ? __anon_vma_prepare+0x70/0x2f0
[  117.008136][ T7547]  ? pte_alloc_one+0xf8/0x120
[  117.008202][ T7547]  __anon_vma_prepare+0x70/0x2f0
[  117.008281][ T7547]  handle_mm_fault+0x1d19/0x2be0
[  117.008358][ T7547]  ? __rcu_read_unlock+0x4f/0x70
[  117.008393][ T7547]  do_user_addr_fault+0x3fe/0x1090
[  117.008441][ T7547]  exc_page_fault+0x62/0xa0
[  117.008495][ T7547]  asm_exc_page_fault+0x26/0x30
[  117.008515][ T7547] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  117.008543][ T7547] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  117.008566][ T7547] RSP: 0018:ffffc90001537e00 EFLAGS: 00050206
[  117.008602][ T7547] RAX: ffff88812dcf8a98 RBX: 0000000000000068 RCX: 0000000000000068
[  117.008618][ T7547] RDX: 0000000000000000 RSI: ffffc90001537e38 RDI: 0000200000000980
[  117.008634][ T7547] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  117.008648][ T7547] R10: 0001c90001537e38 R11: 0001c90001537e9f R12: 00002000000009e8
[  117.008660][ T7547] R13: 00007ffffffff000 R14: 0000200000000980 R15: ffffc90001537e38
[  117.008684][ T7547]  _copy_to_user+0x7c/0xa0
[  117.008713][ T7547]  __se_sys_semctl+0x1c1/0x2d0
[  117.008765][ T7547]  __x64_sys_semctl+0x55/0x70
[  117.008792][ T7547]  x64_sys_call+0x2ec1/0x2fb0
[  117.008813][ T7547]  do_syscall_64+0xd2/0x200
[  117.008877][ T7547]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.008950][ T7547]  ? clear_bhb_loop+0x40/0x90
[  117.008977][ T7547]  ? clear_bhb_loop+0x40/0x90
[  117.009006][ T7547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.009042][ T7547] RIP: 0033:0x7f772b16e929
[  117.009060][ T7547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.009083][ T7547] RSP: 002b:00007f77297d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000042
[  117.009106][ T7547] RAX: ffffffffffffffda RBX: 00007f772b395fa0 RCX: 00007f772b16e929
[  117.009122][ T7547] RDX: 0000000000000012 RSI: 0000000000000005 RDI: 0000000000000000
[  117.009158][ T7547] RBP: 00007f77297d7090 R08: 0000000000000000 R09: 0000000000000000
[  117.009169][ T7547] R10: 0000200000000980 R11: 0000000000000246 R12: 0000000000000001
[  117.009181][ T7547] R13: 0000000000000000 R14: 00007f772b395fa0 R15: 00007fff079759a8
[  117.009203][ T7547]  </TASK>
[  117.392825][ T7560] loop5: detected capacity change from 0 to 2048
[  117.429685][ T7560]  loop5: p2 p3 p7
[  117.467809][ T7557] loop4: detected capacity change from 0 to 8192
[  117.521237][ T7557]  loop4: p1 p3 p4
[  117.525204][ T7557] loop4: p1 size 8390912 extends beyond EOD, truncated
[  117.535861][ T7557] loop4: p3 size 589824 extends beyond EOD, truncated
[  117.582720][ T7572] can: request_module (can-proto-0) failed.
[  117.592202][ T7572] netlink: 'syz.3.1378': attribute type 29 has an invalid length.
[  117.768584][ T7589] can: request_module (can-proto-0) failed.
[  117.780912][ T7589] netlink: 'syz.1.1385': attribute type 29 has an invalid length.
[  117.885362][ T7601] loop4: detected capacity change from 0 to 8192
[  117.906506][ T7597] loop2: detected capacity change from 0 to 512
[  117.922597][ T7597] EXT4-fs: Ignoring removed nobh option
[  117.928693][ T7603] can: request_module (can-proto-0) failed.
[  117.930053][ T7601]  loop4: p1 p3 p4
[  117.937426][ T7603] netlink: 'syz.1.1390': attribute type 29 has an invalid length.
[  117.939049][ T7601] loop4: p1 size 8390912 extends beyond EOD, truncated
[  117.959823][ T7601] loop4: p3 size 589824 extends beyond EOD, truncated
[  118.020976][ T7597] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm +}[@: corrupted inode contents
[  118.042803][ T7597] EXT4-fs (loop2): Remounting filesystem read-only
[  118.054064][ T7597] EXT4-fs (loop2): 1 truncate cleaned up
[  118.069426][ T7597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.085351][ T7597] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.089105][ T4682] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  118.106816][ T4682] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  118.118491][ T4682] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  118.134715][ T7597] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.288900][ T7628] __nla_validate_parse: 9 callbacks suppressed
[  118.288980][ T7628] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1400'.
[  118.307041][ T7628] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1400'.
[  118.339163][ T7633] can: request_module (can-proto-0) failed.
[  118.364733][ T7633] netlink: 'syz.2.1401': attribute type 29 has an invalid length.
[  118.372799][ T7633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1401'.
[  118.612821][ T7633] loop2: detected capacity change from 0 to 8192
[  118.752532][ T7656] FAULT_INJECTION: forcing a failure.
[  118.752532][ T7656] name failslab, interval 1, probability 0, space 0, times 0
[  118.765504][ T7656] CPU: 1 UID: 0 PID: 7656 Comm: syz.3.1411 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  118.765555][ T7656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.765581][ T7656] Call Trace:
[  118.765590][ T7656]  <TASK>
[  118.765600][ T7656]  __dump_stack+0x1d/0x30
[  118.765629][ T7656]  dump_stack_lvl+0xe8/0x140
[  118.765732][ T7656]  dump_stack+0x15/0x1b
[  118.765803][ T7656]  should_fail_ex+0x265/0x280
[  118.765846][ T7656]  should_failslab+0x8c/0xb0
[  118.765880][ T7656]  kmem_cache_alloc_noprof+0x50/0x310
[  118.765984][ T7656]  ? security_inode_alloc+0x37/0x100
[  118.766088][ T7656]  security_inode_alloc+0x37/0x100
[  118.766129][ T7656]  inode_init_always_gfp+0x4b7/0x500
[  118.766186][ T7656]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  118.766269][ T7656]  alloc_inode+0x58/0x170
[  118.766313][ T7656]  new_inode+0x1d/0xe0
[  118.766365][ T7656]  shmem_get_inode+0x244/0x750
[  118.766392][ T7656]  __shmem_file_setup+0x113/0x210
[  118.766508][ T7656]  shmem_file_setup+0x3b/0x50
[  118.766629][ T7656]  __se_sys_memfd_create+0x2c3/0x590
[  118.766675][ T7656]  __x64_sys_memfd_create+0x31/0x40
[  118.766718][ T7656]  x64_sys_call+0x122f/0x2fb0
[  118.766741][ T7656]  do_syscall_64+0xd2/0x200
[  118.766837][ T7656]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.766866][ T7656]  ? clear_bhb_loop+0x40/0x90
[  118.766887][ T7656]  ? clear_bhb_loop+0x40/0x90
[  118.766912][ T7656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.766981][ T7656] RIP: 0033:0x7f3dc06ce929
[  118.767002][ T7656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.767027][ T7656] RSP: 002b:00007f3dbed36e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  118.767053][ T7656] RAX: ffffffffffffffda RBX: 00000000000004d8 RCX: 00007f3dc06ce929
[  118.767069][ T7656] RDX: 00007f3dbed36ef0 RSI: 0000000000000000 RDI: 00007f3dc07514cc
[  118.767086][ T7656] RBP: 0000200000000b00 R08: 00007f3dbed36bb7 R09: 00007f3dbed36e40
[  118.767184][ T7656] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  118.767200][ T7656] R13: 00007f3dbed36ef0 R14: 00007f3dbed36eb0 R15: 0000200000000440
[  118.767227][ T7656]  </TASK>
[  119.147787][ T7670] can: request_module (can-proto-0) failed.
[  119.155934][ T7670] netlink: 'syz.1.1416': attribute type 29 has an invalid length.
[  119.163946][ T7670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1416'.
[  119.189707][ T7674] loop2: detected capacity change from 0 to 512
[  119.220333][ T7674] EXT4-fs: dax option not supported
[  119.263933][ T7674] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1414'.
[  119.417796][ T7682] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1419'.
[  119.479253][ T7694] bridge0: entered allmulticast mode
[  119.501225][ T7694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1425'.
[  119.510271][ T7694] bridge_slave_1: left allmulticast mode
[  119.515989][ T7694] bridge_slave_1: left promiscuous mode
[  119.521795][ T7694] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.534643][ T7694] bridge_slave_0: left allmulticast mode
[  119.540377][ T7694] bridge_slave_0: left promiscuous mode
[  119.546298][ T7694] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.571955][ T7694] bridge0 (unregistering): left allmulticast mode
[  119.580035][ T7699] loop2: detected capacity change from 0 to 512
[  119.640153][ T7699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.665097][ T7708] can: request_module (can-proto-0) failed.
[  119.665247][ T7699] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.680090][ T7708] netlink: 'syz.5.1430': attribute type 29 has an invalid length.
[  119.689336][ T7708] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1430'.
[  119.761623][ T7708] loop5: detected capacity change from 0 to 8192
[  119.838239][ T7699] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #19: comm syz.2.1425: corrupted inode contents
[  119.859370][ T7699] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #19: comm syz.2.1425: mark_inode_dirty error
[  119.874085][ T7699] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #19: comm syz.2.1425: corrupted inode contents
[  119.886722][ T7699] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #19: comm syz.2.1425: mark_inode_dirty error
[  119.900605][ T7699] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #19: comm syz.2.1425: mark inode dirty (error -117)
[  119.914626][ T7699] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  119.924871][ T7720] FAULT_INJECTION: forcing a failure.
[  119.924871][ T7720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.938044][ T7720] CPU: 1 UID: 0 PID: 7720 Comm: syz.4.1435 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  119.938073][ T7720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.938086][ T7720] Call Trace:
[  119.938142][ T7720]  <TASK>
[  119.938151][ T7720]  __dump_stack+0x1d/0x30
[  119.938177][ T7720]  dump_stack_lvl+0xe8/0x140
[  119.938201][ T7720]  dump_stack+0x15/0x1b
[  119.938222][ T7720]  should_fail_ex+0x265/0x280
[  119.938324][ T7720]  should_fail+0xb/0x20
[  119.938382][ T7720]  should_fail_usercopy+0x1a/0x20
[  119.938460][ T7720]  _copy_to_user+0x20/0xa0
[  119.938543][ T7720]  simple_read_from_buffer+0xb5/0x130
[  119.938580][ T7720]  proc_fail_nth_read+0x100/0x140
[  119.938602][ T7720]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  119.938639][ T7720]  vfs_read+0x1a0/0x6f0
[  119.938741][ T7720]  ? __rcu_read_unlock+0x4f/0x70
[  119.938763][ T7720]  ? __rcu_read_unlock+0x4f/0x70
[  119.938785][ T7720]  ? __fget_files+0x184/0x1c0
[  119.938819][ T7720]  ksys_read+0xda/0x1a0
[  119.938912][ T7720]  __x64_sys_read+0x40/0x50
[  119.938948][ T7720]  x64_sys_call+0x2d77/0x2fb0
[  119.938975][ T7720]  do_syscall_64+0xd2/0x200
[  119.939046][ T7720]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.939075][ T7720]  ? clear_bhb_loop+0x40/0x90
[  119.939098][ T7720]  ? clear_bhb_loop+0x40/0x90
[  119.939121][ T7720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.939222][ T7720] RIP: 0033:0x7f772b16d33c
[  119.939237][ T7720] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  119.939269][ T7720] RSP: 002b:00007f77297d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  119.939288][ T7720] RAX: ffffffffffffffda RBX: 00007f772b395fa0 RCX: 00007f772b16d33c
[  119.939301][ T7720] RDX: 000000000000000f RSI: 00007f77297d70a0 RDI: 0000000000000005
[  119.939313][ T7720] RBP: 00007f77297d7090 R08: 0000000000000000 R09: 0000000000000000
[  119.939326][ T7720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.939338][ T7720] R13: 0000000000000000 R14: 00007f772b395fa0 R15: 00007fff079759a8
[  119.939385][ T7720]  </TASK>
[  120.180809][ T7724] loop4: detected capacity change from 0 to 164
[  120.188606][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.200447][ T7724] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  120.228245][ T7724] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  120.237691][ T7724] Symlink component flag not implemented
[  120.243404][ T7724] Symlink component flag not implemented
[  120.249225][ T7724] Symlink component flag not implemented (7)
[  120.255313][ T7724] Symlink component flag not implemented (116)
[  120.320462][ T7734] can: request_module (can-proto-0) failed.
[  120.372607][ T7734] netlink: 'syz.5.1443': attribute type 29 has an invalid length.
[  120.380493][ T7734] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1443'.
[  120.487085][ T7754] loop4: detected capacity change from 0 to 512
[  120.516333][ T7734] loop5: detected capacity change from 0 to 8192
[  120.536195][ T7754] EXT4-fs: dax option not supported
[  120.563225][ T7756] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1451'.
[  120.642068][ T7760] can: request_module (can-proto-0) failed.
[  120.660603][ T7760] netlink: 'syz.2.1453': attribute type 29 has an invalid length.
[  120.782946][ T7760] loop2: detected capacity change from 0 to 8192
[  120.876830][ T7789] can: request_module (can-proto-0) failed.
[  120.884913][ T7789] netlink: 'syz.2.1462': attribute type 29 has an invalid length.
[  120.959929][ T7789] loop2: detected capacity change from 0 to 8192
[  121.360856][ T7809] loop4: detected capacity change from 0 to 512
[  121.394166][ T7809] EXT4-fs: dax option not supported
[  121.548016][ T7825] can: request_module (can-proto-0) failed.
[  121.563390][   T30] kauditd_printk_skb: 682 callbacks suppressed
[  121.563408][   T30] audit: type=1326 audit(1750596707.881:7010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.564232][ T7825] netlink: 'syz.2.1473': attribute type 29 has an invalid length.
[  121.569639][   T30] audit: type=1326 audit(1750596707.881:7011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.607053][ T7829] can: request_module (can-proto-0) failed.
[  121.624466][   T30] audit: type=1326 audit(1750596707.881:7012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.624501][   T30] audit: type=1326 audit(1750596707.881:7013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.624564][   T30] audit: type=1326 audit(1750596707.881:7014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.624596][   T30] audit: type=1326 audit(1750596707.881:7015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.624628][   T30] audit: type=1326 audit(1750596707.881:7016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.741033][   T30] audit: type=1326 audit(1750596708.001:7017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.771536][   T30] audit: type=1326 audit(1750596708.001:7018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7824 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58ef7e929 code=0x7ffc0000
[  121.794991][   T30] audit: type=1326 audit(1750596708.021:7019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3dc06cd290 code=0x7ffc0000
[  121.863160][ T7833] netlink: 'syz.4.1474': attribute type 29 has an invalid length.
[  121.906172][ T7833] loop4: detected capacity change from 0 to 8192
[  121.906960][ T7778] syz.5.1458 (7778) used greatest stack depth: 7000 bytes left
[  121.922837][ T7825] loop2: detected capacity change from 0 to 8192
[  122.060328][ T7846] loop2: detected capacity change from 0 to 2048
[  122.101507][ T7800] netlink: 'syz.3.1466': attribute type 13 has an invalid length.
[  122.123785][ T7846]  loop2: p2 p3 p7
[  122.194152][ T7800] erspan0: refused to change device tx_queue_len
[  122.200561][ T7800] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  122.336494][ T7864] netlink: 'syz.1.1485': attribute type 9 has an invalid length.
[  122.782657][ T7907] loop4: detected capacity change from 0 to 2048
[  122.851865][ T7907]  loop4: p2 p3 p7
[  122.996910][ T7932] loop5: detected capacity change from 0 to 164
[  123.009838][ T7932] Unable to read rock-ridge attributes
[  123.017151][ T7936] netlink: 'syz.1.1519': attribute type 9 has an invalid length.
[  123.083269][ T7932] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  123.142598][ T7955] loop5: detected capacity change from 0 to 256
[  123.195540][ T7958] loop5: detected capacity change from 0 to 2048
[  123.237580][ T7958]  loop5: p2 p3 p7
[  123.975772][ T7993] __nla_validate_parse: 29 callbacks suppressed
[  123.975793][ T7993] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1538'.
[  124.049621][ T8000] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1538'.
[  124.145913][ T8008] 8021q: adding VLAN 0 to HW filter on device bond1
[  124.156143][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1546'.
[  124.178742][ T8008] bond1 (unregistering): Released all slaves
[  124.259899][ T8028] loop5: detected capacity change from 0 to 1024
[  124.260544][ T8028] EXT4-fs: Ignoring removed nobh option
[  124.260570][ T8028] EXT4-fs: Ignoring removed bh option
[  124.284177][ T8028] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.301645][ T8033] can: request_module (can-proto-0) failed.
[  124.325307][ T8033] validate_nla: 1 callbacks suppressed
[  124.325338][ T8033] netlink: 'syz.4.1553': attribute type 29 has an invalid length.
[  124.338798][ T8033] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1553'.
[  124.474246][ T8033] loop4: detected capacity change from 0 to 8192
[  124.891116][ T8059] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1551: Allocating blocks 273-513 which overlap fs metadata
[  124.894319][ T8028] wg1 speed is unknown, defaulting to 1000
[  124.924730][ T8059] EXT4-fs (loop5): pa ffff888106e277e0: logic 0, phys. 257, len 16
[  124.932844][ T8059] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 1, pa_free 16
[  125.016956][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.088299][ T8065] loop5: detected capacity change from 0 to 512
[  125.098012][ T8065] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  125.109575][ T8065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  125.125059][ T8065] EXT4-fs (loop5): orphan cleanup on readonly fs
[  125.137367][ T8065] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.1564: attempt to clear invalid blocks 1024 len 1
[  125.158417][ T8070] loop4: detected capacity change from 0 to 764
[  125.165131][ T8065] EXT4-fs (loop5): Remounting filesystem read-only
[  125.188975][ T8065] EXT4-fs (loop5): 1 truncate cleaned up
[  125.277187][ T8065] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  125.328123][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1568'.
[  125.347658][ T3686] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  125.550580][ T8094] loop4: detected capacity change from 0 to 2048
[  125.607528][ T8094]  loop4: p2 p3 p7
[  125.625319][ T8098] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1578'.
[  125.721958][ T8107] 9pnet: p9_errstr2errno: server reported unknown error 
[  125.770376][ T8112] FAULT_INJECTION: forcing a failure.
[  125.770376][ T8112] name failslab, interval 1, probability 0, space 0, times 0
[  125.783231][ T8112] CPU: 0 UID: 0 PID: 8112 Comm: syz.5.1581 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  125.783287][ T8112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.783302][ T8112] Call Trace:
[  125.783310][ T8112]  <TASK>
[  125.783319][ T8112]  __dump_stack+0x1d/0x30
[  125.783346][ T8112]  dump_stack_lvl+0xe8/0x140
[  125.783396][ T8112]  dump_stack+0x15/0x1b
[  125.783417][ T8112]  should_fail_ex+0x265/0x280
[  125.783457][ T8112]  ? alloc_fs_context+0x44/0x4e0
[  125.783494][ T8112]  should_failslab+0x8c/0xb0
[  125.783574][ T8112]  __kmalloc_cache_noprof+0x4c/0x320
[  125.783605][ T8112]  alloc_fs_context+0x44/0x4e0
[  125.783653][ T8112]  fs_context_for_mount+0x22/0x30
[  125.783747][ T8112]  do_new_mount+0xe9/0x680
[  125.783786][ T8112]  path_mount+0x4a4/0xb20
[  125.783860][ T8112]  ? user_path_at+0x109/0x130
[  125.783889][ T8112]  __se_sys_mount+0x28f/0x2e0
[  125.783907][ T8112]  ? fput+0x8f/0xc0
[  125.783935][ T8112]  __x64_sys_mount+0x67/0x80
[  125.783954][ T8112]  x64_sys_call+0xd36/0x2fb0
[  125.784021][ T8112]  do_syscall_64+0xd2/0x200
[  125.784039][ T8112]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.784069][ T8112]  ? clear_bhb_loop+0x40/0x90
[  125.784109][ T8112]  ? clear_bhb_loop+0x40/0x90
[  125.784132][ T8112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.784155][ T8112] RIP: 0033:0x7f3dc2dbe929
[  125.784170][ T8112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.784199][ T8112] RSP: 002b:00007f3dc1406038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  125.784218][ T8112] RAX: ffffffffffffffda RBX: 00007f3dc2fe6080 RCX: 00007f3dc2dbe929
[  125.784262][ T8112] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  125.784275][ T8112] RBP: 00007f3dc1406090 R08: 0000200000000080 R09: 0000000000000000
[  125.784288][ T8112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.784300][ T8112] R13: 0000000000000001 R14: 00007f3dc2fe6080 R15: 00007ffe302cf0c8
[  125.784320][ T8112]  </TASK>
[  126.046896][ T8120] can: request_module (can-proto-0) failed.
[  126.066932][ T8120] netlink: 'syz.5.1588': attribute type 29 has an invalid length.
[  126.074913][ T8120] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1588'.
[  126.138813][ T8133] random: crng reseeded on system resumption
[  126.166945][ T8120] loop5: detected capacity change from 0 to 8192
[  126.255823][ T8145] tc_dump_action: action bad kind
[  126.322388][ T8150] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1601'.
[  126.380326][ T8160] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1601'.
[  126.422862][ T8164] can: request_module (can-proto-0) failed.
[  126.518834][ T8170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1610'.
[  126.564359][ T8164] netlink: 'syz.5.1608': attribute type 29 has an invalid length.
[  126.572657][   T30] kauditd_printk_skb: 436 callbacks suppressed
[  126.572672][   T30] audit: type=1400 audit(1750596712.881:7456): avc:  denied  { create } for  pid=8174 comm="syz.3.1611" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  126.602822][ T8173] loop4: detected capacity change from 0 to 512
[  126.609402][ T8173] EXT4-fs: Ignoring removed bh option
[  126.614881][ T8173] ext3: Unknown parameter 'appraise'
[  126.615535][ T8165] wg1 speed is unknown, defaulting to 1000
[  126.646940][ T8170] FAULT_INJECTION: forcing a failure.
[  126.646940][ T8170] name failslab, interval 1, probability 0, space 0, times 0
[  126.659628][ T8170] CPU: 0 UID: 0 PID: 8170 Comm: syz.1.1610 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  126.659711][ T8170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.659728][ T8170] Call Trace:
[  126.659767][ T8170]  <TASK>
[  126.659774][ T8170]  __dump_stack+0x1d/0x30
[  126.659797][ T8170]  dump_stack_lvl+0xe8/0x140
[  126.659822][ T8170]  dump_stack+0x15/0x1b
[  126.659874][ T8170]  should_fail_ex+0x265/0x280
[  126.659913][ T8170]  should_failslab+0x8c/0xb0
[  126.660003][ T8170]  kmem_cache_alloc_node_noprof+0x57/0x320
[  126.660055][ T8170]  ? __alloc_skb+0x101/0x320
[  126.660094][ T8170]  __alloc_skb+0x101/0x320
[  126.660174][ T8170]  netlink_alloc_large_skb+0xba/0xf0
[  126.660255][ T8170]  netlink_sendmsg+0x3cf/0x6b0
[  126.660281][ T8170]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.660382][ T8170]  __sock_sendmsg+0x142/0x180
[  126.660413][ T8170]  ____sys_sendmsg+0x31e/0x4e0
[  126.660479][ T8170]  ___sys_sendmsg+0x17b/0x1d0
[  126.660537][ T8170]  __x64_sys_sendmsg+0xd4/0x160
[  126.660641][ T8170]  x64_sys_call+0x2999/0x2fb0
[  126.660749][ T8170]  do_syscall_64+0xd2/0x200
[  126.660773][ T8170]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.660806][ T8170]  ? clear_bhb_loop+0x40/0x90
[  126.660833][ T8170]  ? clear_bhb_loop+0x40/0x90
[  126.660860][ T8170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.660899][ T8170] RIP: 0033:0x7fb4c62fe929
[  126.660918][ T8170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.660940][ T8170] RSP: 002b:00007fb4c4967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.661041][ T8170] RAX: ffffffffffffffda RBX: 00007fb4c6525fa0 RCX: 00007fb4c62fe929
[  126.661056][ T8170] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 000000000000000d
[  126.661071][ T8170] RBP: 00007fb4c4967090 R08: 0000000000000000 R09: 0000000000000000
[  126.661086][ T8170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.661111][ T8170] R13: 0000000000000000 R14: 00007fb4c6525fa0 R15: 00007ffd60dbb0a8
[  126.661135][ T8170]  </TASK>
[  126.698564][   T30] audit: type=1400 audit(1750596712.941:7457): avc:  denied  { write } for  pid=8162 comm="syz.4.1607" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  126.817006][ T8164] loop5: detected capacity change from 0 to 8192
[  126.825050][   T30] audit: type=1326 audit(1750596712.951:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8161 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  126.825083][   T30] audit: type=1326 audit(1750596712.951:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8161 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  126.899008][ T8180] tc_dump_action: action bad kind
[  126.921095][   T30] audit: type=1400 audit(1750596712.961:7460): avc:  denied  { ioctl } for  pid=8169 comm="syz.1.1610" path="socket:[19074]" dev="sockfs" ino=19074 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.921182][   T30] audit: type=1400 audit(1750596712.961:7461): avc:  denied  { bind } for  pid=8169 comm="syz.1.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.921206][   T30] audit: type=1400 audit(1750596712.961:7462): avc:  denied  { write } for  pid=8169 comm="syz.1.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  127.013025][   T30] audit: type=1326 audit(1750596712.971:7463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8161 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3dc2dbe929 code=0x7ffc0000
[  127.036492][   T30] audit: type=1326 audit(1750596712.971:7464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8161 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3dc2dbe963 code=0x7ffc0000
[  127.061195][   T30] audit: type=1326 audit(1750596713.071:7465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8161 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3dc2dbd3df code=0x7ffc0000
[  127.109633][ T8184] loop2: detected capacity change from 0 to 2048
[  127.186230][ T8184]  loop2: p2 p3 p7
[  127.197098][ T8197] 9pnet_fd: Insufficient options for proto=fd
[  127.237397][ T8205] loop5: detected capacity change from 0 to 256
[  127.293876][ T8210] can: request_module (can-proto-0) failed.
[  127.303697][ T8210] netlink: 'syz.5.1625': attribute type 29 has an invalid length.
[  127.352763][ T8210] loop5: detected capacity change from 0 to 8192
[  127.469414][ T8239] loop1: detected capacity change from 0 to 256
[  127.476603][ T8237] hsr_slave_0: left promiscuous mode
[  127.483007][ T8237] hsr_slave_1: left promiscuous mode
[  128.232699][ T8273] loop2: detected capacity change from 0 to 2048
[  128.258904][ T8275] loop4: detected capacity change from 0 to 8192
[  128.355185][ T8275]  loop4: p1 p3 p4
[  128.358998][ T8275] loop4: p1 size 8390912 extends beyond EOD, truncated
[  128.367531][ T8273]  loop2: p2 p3 p7
[  128.378017][ T8275] loop4: p3 size 589824 extends beyond EOD, truncated
[  128.474017][ T8289] loop5: detected capacity change from 0 to 1024
[  128.483688][ T8289] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  128.493648][ T8289] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  128.507748][ T8289] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  128.518945][ T8289] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: inode #5: comm syz.5.1654: unexpected bad inode w/o EXT4_IGET_BAD
[  128.546615][ T8289] EXT4-fs (loop5): no journal found
[  128.551909][ T8289] EXT4-fs (loop5): can't get journal size
[  128.558539][ T8289] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.562163][ T8296] loop4: detected capacity change from 0 to 2048
[  128.571533][ T8289] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.629268][ T8296]  loop4: p2 p3 p7
[  128.673363][ T8307] can: request_module (can-proto-0) failed.
[  128.682582][ T8307] netlink: 'syz.1.1660': attribute type 29 has an invalid length.
[  128.723320][ T8307] loop1: detected capacity change from 0 to 8192
[  128.972534][ T8315] loop1: detected capacity change from 0 to 512
[  128.979727][ T8315] EXT4-fs: Ignoring removed oldalloc option
[  128.991729][ T8315] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.1661: Parent and EA inode have the same ino 15
[  129.005548][ T8315] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.1661: Parent and EA inode have the same ino 15
[  129.018825][ T8315] EXT4-fs (loop1): 1 orphan inode deleted
[  129.025023][ T8315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.253653][ T8326] __nla_validate_parse: 10 callbacks suppressed
[  129.253670][ T8326] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1665'.
[  129.312453][ T8326] loop2: detected capacity change from 0 to 8192
[  129.351114][ T8326]  loop2: p1 p3 p4
[  129.355053][ T8326] loop2: p1 size 8390912 extends beyond EOD, truncated
[  129.363949][ T8326] loop2: p3 size 589824 extends beyond EOD, truncated
[  129.625855][ T8348] loop5: detected capacity change from 0 to 256
[  129.704534][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.724362][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1680'.
[  129.844501][ T8358] loop2: detected capacity change from 0 to 8192
[  129.900804][ T8358]  loop2: p1 p3 p4
[  129.910963][ T8358] loop2: p1 size 8390912 extends beyond EOD, truncated
[  129.925105][ T8358] loop2: p3 size 589824 extends beyond EOD, truncated
[  129.982468][ T8380] loop1: detected capacity change from 0 to 256
[  130.027543][ T8387] loop1: detected capacity change from 0 to 128
[  130.504254][ T8396] wg1 speed is unknown, defaulting to 1000
[  130.625606][ T8414] loop2: detected capacity change from 0 to 1024
[  130.667976][ T8414] EXT4-fs: Ignoring removed nobh option
[  130.673730][ T8414] EXT4-fs: Ignoring removed bh option
[  130.715020][ T8414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.787080][ T8425] loop4: detected capacity change from 0 to 1024
[  130.795439][ T8425] EXT4-fs: Ignoring removed nobh option
[  130.799904][ T8414] wg1 speed is unknown, defaulting to 1000
[  130.801099][ T8425] EXT4-fs: Ignoring removed bh option
[  130.815958][ T8426] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1701: Allocating blocks 497-513 which overlap fs metadata
[  130.832793][ T8426] EXT4-fs (loop2): pa ffff888106e70310: logic 256, phys. 369, len 9
[  130.840881][ T8426] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  130.853908][ T8426] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  130.919631][ T8425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.980987][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.045239][ T8445] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1704: Allocating blocks 497-513 which overlap fs metadata
[  131.071697][ T8446] loop1: detected capacity change from 0 to 512
[  131.078226][ T8446] EXT4-fs: dax option not supported
[  131.083785][ T8445] EXT4-fs (loop4): pa ffff888106e278c0: logic 256, phys. 369, len 9
[  131.091913][ T8445] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  131.111532][ T8445] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  131.193450][ T8425] wg1 speed is unknown, defaulting to 1000
[  131.210522][ T8454] SELinux: failed to load policy
[  131.213338][ T8438] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1707'.
[  131.357693][ T8449] wg1 speed is unknown, defaulting to 1000
[  131.389703][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.478538][ T8471] vcan0: entered allmulticast mode
[  131.489501][ T8471] vcan0: left allmulticast mode
[  131.507290][ T8471] loop5: detected capacity change from 0 to 512
[  131.515501][ T8471] EXT4-fs: Ignoring removed bh option
[  131.523522][ T8471] EXT4-fs: Ignoring removed bh option
[  131.546732][ T8471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  131.558166][ T8471] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  131.597797][ T8471] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  131.632233][ T8471] EXT4-fs (loop5): orphan cleanup on readonly fs
[  131.640100][ T8486] can: request_module (can-proto-0) failed.
[  131.646911][ T8471] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  131.671686][   T30] kauditd_printk_skb: 251 callbacks suppressed
[  131.671704][   T30] audit: type=1326 audit(1750596717.992:7717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.710019][ T8486] netlink: 'syz.4.1724': attribute type 29 has an invalid length.
[  131.717958][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1724'.
[  131.727085][   T30] audit: type=1326 audit(1750596718.022:7718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.750670][   T30] audit: type=1326 audit(1750596718.022:7719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.774277][   T30] audit: type=1326 audit(1750596718.022:7720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.797834][   T30] audit: type=1326 audit(1750596718.022:7721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.821235][   T30] audit: type=1326 audit(1750596718.022:7722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.844799][   T30] audit: type=1326 audit(1750596718.022:7723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.868413][   T30] audit: type=1326 audit(1750596718.022:7724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.872774][ T8486] loop4: detected capacity change from 0 to 8192
[  131.892016][   T30] audit: type=1326 audit(1750596718.072:7725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.898411][ T8471] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  131.921663][   T30] audit: type=1326 audit(1750596718.072:7726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8483 comm="syz.4.1724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f772b16e929 code=0x7ffc0000
[  131.930425][ T8471] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1715: Invalid block bitmap block 0 in block_group 0
[  131.966493][ T8471] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  131.976023][ T8471] EXT4-fs (loop5): 1 orphan inode deleted
[  131.983372][ T8471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.996422][ T8471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.076726][ T8503] netlink: 'syz.1.1729': attribute type 11 has an invalid length.
[  132.084783][ T8503] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1729'.
[  132.135833][ T8508] loop2: detected capacity change from 0 to 512
[  132.142715][ T8508] EXT4-fs: dax option not supported
[  132.187659][ T8505] wg1 speed is unknown, defaulting to 1000
[  132.194489][ T8508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1728'.
[  132.450016][ T8532] loop4: detected capacity change from 0 to 2048
[  132.481716][ T8535] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1740'.
[  132.505941][ T8532]  loop4: p2 p3 p7
[  132.669909][ T8544] syzkaller0: entered allmulticast mode
[  132.676330][ T8544] syzkaller0 (unregistering): left allmulticast mode
[  132.836687][ T8551] wg1 speed is unknown, defaulting to 1000
[  132.951604][ T8562] can: request_module (can-proto-0) failed.
[  132.960137][ T8562] netlink: 'syz.1.1749': attribute type 29 has an invalid length.
[  132.968216][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1749'.
[  133.023659][ T8562] loop1: detected capacity change from 0 to 8192
[  133.034723][ T8569] loop5: detected capacity change from 0 to 2048
[  133.073769][ T8571] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1753'.
[  133.096654][ T8569]  loop5: p2 p3 p7
[  133.121662][ T8569] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1752'.
[  133.136170][ T8571] loop1: detected capacity change from 0 to 8192
[  133.203869][ T8571]  loop1: p1 p3 p4
[  133.207685][ T8571] loop1: p1 size 8390912 extends beyond EOD, truncated
[  133.215463][ T8571] loop1: p3 size 589824 extends beyond EOD, truncated
[  133.412940][ T8585] wg1 speed is unknown, defaulting to 1000
[  133.611530][ T8604] loop4: detected capacity change from 0 to 2048
[  133.658711][ T8604]  loop4: p2 p3 p7
[  133.669182][ T8587] loop1: detected capacity change from 0 to 512
[  133.680641][ T8587] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.708122][ T8587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.723283][ T8587] ext4 filesystem being mounted at /362/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.839050][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.930419][ T8615] loop1: detected capacity change from 0 to 8192
[  133.981342][ T8615]  loop1: p1 p3 p4
[  133.985741][ T8615] loop1: p1 size 8390912 extends beyond EOD, truncated
[  133.994074][ T8615] loop1: p3 size 589824 extends beyond EOD, truncated
[  134.006860][ T8618] can: request_module (can-proto-0) failed.
[  134.015511][ T8618] netlink: 'syz.5.1770': attribute type 29 has an invalid length.
[  134.053139][ T8618] loop5: detected capacity change from 0 to 8192
[  134.145483][ T8628] loop1: detected capacity change from 0 to 1024
[  134.152580][ T8628] EXT4-fs: Ignoring removed nobh option
[  134.158230][ T8628] EXT4-fs: Ignoring removed bh option
[  134.173102][ T8628] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.197450][ T8634] loop2: detected capacity change from 0 to 164
[  134.214752][ T8634] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  134.240714][ T8628] wg1 speed is unknown, defaulting to 1000
[  134.247485][ T8634] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  134.262707][ T8639] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.1774: Allocating blocks 497-513 which overlap fs metadata
[  134.281208][ T8634] Symlink component flag not implemented
[  134.286914][ T8634] Symlink component flag not implemented
[  134.293208][ T8634] Symlink component flag not implemented (7)
[  134.299227][ T8634] Symlink component flag not implemented (116)
[  134.305557][ T8639] EXT4-fs (loop1): pa ffff888106e278c0: logic 256, phys. 369, len 9
[  134.313755][ T8639] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  134.324503][ T8639] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  134.358916][ T8638] __nla_validate_parse: 4 callbacks suppressed
[  134.358933][ T8638] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1777'.
[  134.388993][ T8638] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1777'.
[  134.400140][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.472930][ T8651] loop2: detected capacity change from 0 to 512
[  134.488422][ T8647] can: request_module (can-proto-0) failed.
[  134.495575][ T8653] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1782'.
[  134.497970][ T8651] EXT4-fs: dax option not supported
[  134.535833][ T8655] loop1: detected capacity change from 0 to 2048
[  134.555224][ T8647] netlink: 'syz.5.1781': attribute type 29 has an invalid length.
[  134.563241][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1781'.
[  134.564784][ T8651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1778'.
[  134.595077][ T8653] loop4: detected capacity change from 0 to 8192
[  134.643305][ T8653]  loop4: p1 p3 p4
[  134.647958][ T8655]  loop1: p2 p3 p7
[  134.651777][ T8653] loop4: p1 size 8390912 extends beyond EOD, truncated
[  134.659172][ T8653] loop4: p3 size 589824 extends beyond EOD, truncated
[  134.667049][ T8647] loop5: detected capacity change from 0 to 8192
[  134.679052][ T8655] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1783'.
[  134.759285][ T8670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1787'.
[  134.863550][ T8680] loop2: detected capacity change from 0 to 2048
[  134.879209][ T8682] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1792'.
[  134.889080][ T8682] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1792'.
[  134.897164][ T8672] wg1 speed is unknown, defaulting to 1000
[  134.942624][ T8680]  loop2: p2 p3 p7
[  135.021771][ T8695] loop4: detected capacity change from 0 to 512
[  135.028320][ T8695] EXT4-fs: dax option not supported
[  135.062100][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1795'.
[  135.179969][ T8702] can: request_module (can-proto-0) failed.
[  135.197366][ T8702] netlink: 'syz.3.1798': attribute type 29 has an invalid length.
[  135.405920][ T8722] loop1: detected capacity change from 0 to 164
[  135.413584][ T8722] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  135.425314][ T8722] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  135.434640][ T8722] Symlink component flag not implemented
[  135.440429][ T8722] Symlink component flag not implemented
[  135.440858][ T8724] FAULT_INJECTION: forcing a failure.
[  135.440858][ T8724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.446462][ T8722] Symlink component flag not implemented (7)
[  135.459313][ T8724] CPU: 0 UID: 0 PID: 8724 Comm: syz.4.1804 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  135.459349][ T8724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  135.459448][ T8724] Call Trace:
[  135.459458][ T8724]  <TASK>
[  135.459469][ T8724]  __dump_stack+0x1d/0x30
[  135.459501][ T8724]  dump_stack_lvl+0xe8/0x140
[  135.459530][ T8724]  dump_stack+0x15/0x1b
[  135.459617][ T8724]  should_fail_ex+0x265/0x280
[  135.459677][ T8724]  should_fail+0xb/0x20
[  135.459716][ T8724]  should_fail_usercopy+0x1a/0x20
[  135.459765][ T8724]  _copy_from_user+0x1c/0xb0
[  135.459811][ T8724]  __x64_sys_sendfile64+0x88/0x150
[  135.459863][ T8724]  x64_sys_call+0xb39/0x2fb0
[  135.459967][ T8724]  do_syscall_64+0xd2/0x200
[  135.459998][ T8724]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.460036][ T8724]  ? clear_bhb_loop+0x40/0x90
[  135.460144][ T8724]  ? clear_bhb_loop+0x40/0x90
[  135.460196][ T8724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.460226][ T8724] RIP: 0033:0x7f772b16e929
[  135.460296][ T8724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.460323][ T8724] RSP: 002b:00007f77297d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  135.460352][ T8724] RAX: ffffffffffffffda RBX: 00007f772b395fa0 RCX: 00007f772b16e929
[  135.460401][ T8724] RDX: 0000200000000040 RSI: 0000000000000005 RDI: 0000000000000005
[  135.460418][ T8724] RBP: 00007f77297d7090 R08: 0000000000000000 R09: 0000000000000000
[  135.460436][ T8724] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  135.460453][ T8724] R13: 0000000000000000 R14: 00007f772b395fa0 R15: 00007fff079759a8
[  135.460528][ T8724]  </TASK>
[  135.637447][ T8722] Symlink component flag not implemented (116)
[  135.674007][ T8731] loop1: detected capacity change from 0 to 1024
[  135.701899][ T8731] EXT4-fs: Ignoring removed nobh option
[  135.707561][ T8731] EXT4-fs: Ignoring removed bh option
[  135.724292][ T8731] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.789767][ T8731] wg1 speed is unknown, defaulting to 1000
[  135.804551][ T8739] hub 4-0:1.0: USB hub found
[  135.813183][ T8739] hub 4-0:1.0: 8 ports detected
[  135.820062][ T8740] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.1807: Allocating blocks 497-513 which overlap fs metadata
[  135.879586][ T8740] EXT4-fs (loop1): pa ffff888106e279a0: logic 256, phys. 369, len 9
[  135.887774][ T8740] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  135.901284][ T8740] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  136.011111][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.059496][ T8746] ==================================================================
[  136.067660][ T8746] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[  136.075272][ T8746] 
[  136.077620][ T8746] write to 0xffff88811df12210 of 8 bytes by task 8745 on cpu 0:
[  136.085308][ T8746]  mas_wr_store_entry+0x1581/0x2b50
[  136.090558][ T8746]  mas_store_prealloc+0x74d/0x9e0
[  136.095630][ T8746]  commit_merge+0x6a5/0x730
[  136.100165][ T8746]  vma_expand+0x1d0/0x370
[  136.104530][ T8746]  vma_merge_new_range+0x296/0x310
[  136.109681][ T8746]  mmap_region+0x9fa/0x1580
[  136.114231][ T8746]  do_mmap+0x9b3/0xbe0
[  136.118350][ T8746]  vm_mmap_pgoff+0x17a/0x2e0
[  136.122983][ T8746]  ksys_mmap_pgoff+0xc2/0x310
[  136.127698][ T8746]  x64_sys_call+0x1602/0x2fb0
[  136.132438][ T8746]  do_syscall_64+0xd2/0x200
[  136.136988][ T8746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.142905][ T8746] 
[  136.145251][ T8746] read to 0xffff88811df12210 of 8 bytes by task 8746 on cpu 1:
[  136.152819][ T8746]  mas_state_walk+0x2f5/0x650
[  136.157531][ T8746]  mas_walk+0x30/0x120
[  136.161643][ T8746]  lock_vma_under_rcu+0xa2/0x2f0
[  136.166617][ T8746]  do_user_addr_fault+0x233/0x1090
[  136.171757][ T8746]  exc_page_fault+0x62/0xa0
[  136.176298][ T8746]  asm_exc_page_fault+0x26/0x30
[  136.181179][ T8746] 
[  136.183520][ T8746] value changed: 0x00007fb4c4946fff -> 0xffffffff855ec840
[  136.190659][ T8746] 
[  136.193002][ T8746] Reported by Kernel Concurrency Sanitizer on:
[  136.199169][ T8746] CPU: 1 UID: 0 PID: 8746 Comm: syz.1.1811 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  136.211602][ T8746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  136.221668][ T8746] ==================================================================