last executing test programs:

18m32.69058694s ago: executing program 4 (id=71):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x8010, r0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0xffffffff, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8080, &(0x7f00000000c0)=ANY=[], 0x0, 0x31b, &(0x7f0000001300)="$eJzs3U1oI2UYwPEn/dik1TZBVHBBfXQvKhI2OXgS1rC0IgZWdCOrC8LUTjR0TEomRFOkSaHQiwcvfp1VECkUxIMglHrwINJSeu+ttx6sJ6V+vDKdmTbRJI1pa136/x2ah3meZ2b6vm+H9k1pd59+/63fjDH5fWOMRGTgGWlEvAMe8TXk8bdXNh986ZVXn89ksxMvqk5mbqbSqjr+8Ortd5cfXavc9fLX499GZT3x2u5eemf9/vUHdv+8+WbB1YKrxVJFLZ0qlSrWlGPr9IfuTFL1Bce2XFsLRdcut+TzTml2tqZWcfru0dmy7bpqFWs6Y9e0UtJKuabWG1ahqMlkUsdGBV3ERJarn2S8cKBtQe7LX42RvcqPxkQbEsx47D++S5wjDV6P5v+9zsXXx0Tkhz9aHg64ozU91GMizlI1V835r34+k5eCOGLLVYnL7+KtEfPpij//3sd30ivZrSe+/041mpB5px7016u5wdb+lMQlMRxc9ah/MiITKfW19g/LaHN/WuJyr98Trr+D/ueyE+m2/ZfksStN/UmJy9brUhJHNlYf+WXnxtJHYf98SvX6jexB/4CE/SMyHQ5STL74+VxmBwAAAAAAAACA/iT1UNv9+6RXsDinqmMJmQ/fRfTyfhTsr0ea3x/4+/781bb780Nyeej8Pm8AAAAAAC4St7YYRLW5Gctx7LLbV+D9KO8FsS419437NeERY0z9RBc9rSAm/XRFeyv+bOG4mhEJjzw02f2EV64NbgTT1ThKDZ9gBp/qnLpsjDnp8HrLouzu32pOxfu41cbBr6X3VjwkPZ1Zgt2nbjUxERk8/Eo55oQj8i/H56dTWb2R4P461zx7e/urY89z6R/j08laU7xwuk8jAAAAAGfJ/15/2y6716Se/6Zav/XkBz22mvgZ3xsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdFH39ybOPjdin1gns+D49sNqXaXjiyx7+RBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wt/BQAA//97Ccli")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)=r3}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r2, &(0x7f0000000780)}, 0x20)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x13, 0xa10, &(0x7f00000001c0)="$eJzs3c1vXGe9B/Dv8UviulWStrm9vVGbTNKb1G19Hdu5TW7UxSWxJ4mLX5DtSI1YNKVxUBRDoQWprZBIJWBFBRKIBewqVqwqdUM3qDvYwYoFEuq/UCEWYWV0zoyTsT1jO2lsp+nnY83Mefmd5/mdOS+PZ3x8nrCzLj+y3twba6Ys7V0xtrRUPe5y/OLvPk/qfPGdHf/0gw/fLx/v3ciudOfF4vdJX5Ja0pPkyaR3bHx2ZmqDgq4nl5N8khRJdqfxuimXU/wsLYfBJyl+U9bb0a7NlsxGlvhS2+n9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7kfF2Pjw8EixKxPTF1+pNSS1NcbGZ2eKLC2tnbO8TMPHVa/fxccb1psU5SN9fctdfT+5//bsJ5LUjuSpxthTVYfk6cu7Dz+x76XHe7qWl++Uzeeye/PFvvXOu9dfW1xceHNLErn/na9PT8zNTEydOV+vTczN1E6fPDl8/MK5udq5icn63KW5+fpUbWy2fmZ+ZrY2MPZcbeT06RO1+tClmYvT58eHJuvLE0/9z+jw8Mnay0Nfq5+ZnZuZPv7y0NzYhYnJyYnp81VMObuMOVXuiF+dmK/N189M1WpXry0unFiVU3dW7b9l0MhGa1IGjW4UNDo8OjoyMjo68l6z9+xbE06+ePrFU8PDPcOrZE3EFu203F8e6ryZ7/1JHO5SV6P9TyYzkelczCuptf0Zy3hmM5OpDvObltv/o8fr69bb2v43W/meltkHyqcjOdic2Neh/e+Qy/b9vJV38m6u57UsZjELeXPHM9ren/OpZzoTmctMJjKVM9WUWnNKLadzMicznFdzIYcyl1rOZSKTqWculzKX+dSrPWoss6nnTOYzk9nUMpCxPJdaRnI6p3MitdQzlEuZycVM53zGc6Yq5WquVe/7iXVyvBU0spmg0XWC1jTmd9z+11f/csKXzlacxuGuLDXb/10bhw6MbUdCAAAAwD33X3/Knv2P/fHvSZGnq+/lz01M1od3Oi0AAADgHqou13uqfOkth55O4fM/AAAAPGiKHGx+C9CfQ42h5f+E8iUAAAAAPCCqv/8fTHHo9gSf/wEAAOAB89DyQMd77G94F/5icPn2v7UrjdcrzYjGWNF/bmKyPjQ2M/nSSI5Vdxmo/tNgTWndSdFb/fvB8znciDrc33jtv11iWWdfGTUy9NJIns+RRsSRgWfKl2cG2kSONiKfbUQ+2xrZnRWRJ8pIAHjQHWnfHhebbP97VxQ2eKBq8nsOtGmDh7WsAHC/OFJd/5/kX80uzdp8/m9GHOz0+f9/V33+77mysv1/LFcPNS4pGMrreSOLuZLBNK84ONSu1OXeCBqXIQxu8G1Af/OShb+c6srgmu8D+m6ta2vsQkYz2PYbgZZyi+UcTjTiurdoIwDANjuybju8ufZ/MIONiA6f//tdUggA95VbPdhv4cBOryMAsJJWGgAAAAAAAAAAAAAAAAAAAAAAAAAAAO69Td3A/8/HksXFhWQbOgu4NdB3JxmuP9CVbcp5xwe6k+xU7f+fO16q3Mb3y1v34A38+J+NI+juFt/JsxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbpUi6203vSnYnGU5yfPuz2jo3djqBe6W27tz3Os0obuZm3s6erUgJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODLrHn//640Xh9uTEpPV3I0yeUkX9/pHO+lmzudwI75VvXccv//rqQ3S7nR0+wAougdG5+dmSo3f7G7nP/pBx++Xz42LnttrwplAWUNKzqXaNbQMqV35VKPVkv1jy+8df17b3ynNn622jHPzp+bHJ86P/uV24FPFB81ukBo7QZhOd8fHP3Dz1sm72pW/lF6OuW/ut5zVb3ja+v9z3ZLd6h3E64tLoyWNc3XX5n//revvd0y67EcTp4ZSAZW1vTN8tGhpsOr38+Vis+KnxR78qtcrrZ/+W4US0W5ifZW6//Q1WuLC0Ovv7F45VZOP1yR074cSnIl6VuZ0/Jou5wOVeeTth6uau0tax2ugsqn/Rus47paShzp8L4+Wu0y/WvWYb06a53XobLB+97M6ETbjH7x3cdz7I639LENamyr+Kz4W3Ehf82PWvr/6Cq3/9G0PTrbFFFFtuwprfNWHF5djchqzUdbZ7y6usyORyVb4Kf5Rv7v1vbvWirK97/luNmm81FLje2Pi+TOj4vf7l3TotxWtUj7V7VIzbNPp2Waee5vRHXI8z/yQtJz4I7OKC9scEbZquP/18VA/pEb+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuf0XS3W56V3I0yb4ke8vxWrK0OubGXdTX1V/cTZr3zN3k/MVTdFzR4mZu5u3s2e6MAAAAAAAAANgaZ8c//eDD98tH9ff47vx3V3NOLelJsq/4Ze/Y+OzM1AYF9SaXl/+k33dnOVwunx65Pf5JOfbkBgvt7OUDAPCF9u8AAAD//yjzadA=")
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001736e7202d15390500000000030109021b00020000000009040005004c55de000904"], 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4894, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)

18m31.758859474s ago: executing program 4 (id=80):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000000000009500"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
timer_create(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0xfffffffffffffffd, 0x0)
write$binfmt_misc(r1, &(0x7f0000000e00)="32ef1b0f2bcab97d8dbc26dfc5ba03c9518a45b5c10e5de1bcc9a3920f20ce9a413c48bfcd2c5d5e910aab845ac967f7a74284eb216cc5ffe9db7306518aead6d1c07f0e7af682b73efce8b2432d493a0daaaab44a67ebe9792ed65dbd05df9eecfe80d81100000000", 0xffffff36)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

18m31.546445568s ago: executing program 4 (id=82):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r1, 0x2007ffb)
sendfile(r0, r1, 0x0, 0x1000000201005)
write$rfkill(r1, &(0x7f0000000040)={0x6, 0x4, 0x3, 0x1}, 0x8)

18m30.344157786s ago: executing program 4 (id=95):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
read$msr(r0, &(0x7f0000000540)=""/237, 0xed)

18m29.895492883s ago: executing program 4 (id=102):
ioperm(0x3, 0x4, 0x1000008)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000140)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_remount}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
prlimit64(0x0, 0xe, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
listxattr(0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000c62)
close(0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0xbfffffffffffffff, 0x0)
getdents64(r0, 0x0, 0x22)
unshare(0x4000600)

18m28.690551992s ago: executing program 4 (id=110):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0)={[{@usrquota}, {@acl}]}, 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x6f)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000140))

18m28.668973062s ago: executing program 32 (id=110):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0)={[{@usrquota}, {@acl}]}, 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x6f)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000140))

3m7.63285165s ago: executing program 5 (id=6159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@mask_cswp={0x58, 0x114, 0x9, {{0xc403, 0x5}, &(0x7f0000000140)=0x9, 0x0, 0xe3c, 0x6, 0xbbc, 0xfd9b, 0x0, 0x5}}, @mask_cswp={0x58, 0x114, 0x9, {{0x2a6, 0x9}, 0x0, 0x0, 0x7fff, 0xffffffff9e4f60a7, 0x6, 0x1, 0x38, 0x7}}], 0xb0}, 0x0)

3m7.63203478s ago: executing program 5 (id=6160):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, 0x0, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, &(0x7f00000006c0)=0x5, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1b, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x7, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2d, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)

3m6.624430115s ago: executing program 5 (id=6166):
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x40)

3m6.270356071s ago: executing program 5 (id=6169):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r1}, 0x18)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = msgget(0x1, 0x2b0)
msgrcv(r3, 0x0, 0x0, 0x2, 0x2000)
r4 = syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = getpgid(r4)
r6 = syz_pidfd_open(r5, 0x0)
pidfd_send_signal(r6, 0x21, 0x0, 0x4)
msgrcv(r3, 0x0, 0x0, 0x2, 0x0)
msgctl$IPC_RMID(r3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
pwritev2(r7, &(0x7f00000004c0)=[{&(0x7f0000000140)="920127394319d629e3106b18abbfa49c5677f2c8e128cef36ae698f0e77d4a782a5bcf9c6bfcfd9c1ea18e82d1842c963299539d9af9d709bc45f27c7056dcdedc23a50d50132b716119dfb05f7be48d0a0b4c54ea783a2842f4cfd9b37f7cddd400734750a1133a55965acb9e1412ed049463eae8faa0de0be88841a163217e8ce988ebaa4a1c288e279ec96657de08d97785ea5240a98bfaf7df80bb431d0362de3b023fdf1638c3ce4cbe8470125884569d0e49319abc10f17f554122137ed4e7a183e6190dad9f33c99922444ac9a4e0960d33975d", 0xd7}, {&(0x7f0000000240)="403c71b9ae16e1f2df8b0e5c64d20057985494e461f7f3ffcfd3e35fdfcf77922e5880c24e563b60d288be224598a737119355148b117f7b98d45667ef2e6fd294ffe98c91e5602a7cf00978f0c8daf4a4e01abb2dd7fed1ce51ae7188d5f7d26bb36b246ea6f8c5d03278efb8b0247f7a2a1477cd28c5", 0x77}, {&(0x7f00000002c0)="632ff92f8a0513b8a90f8cdc0cd485390cac82dd152857440a3d3e110db769b143a60e46fa6dece904fdb1aa0958f68950e2922514cbd0282db0a5b32030cab2c1144883d0679fd3b5c14bbcc4eafb20aff87d8a2c7efb961455179b7c86fb6e5a4cc38d1d0e6f0d7d3982236e9b502df4143f6903c4d06ccdb1d9a41ced30812f8abd7cd7411a4ac271e8d4bab19bfeb953124848ee1ab01927af37611d9b96fcceedd362712736c8f4a23caf", 0xad}, {&(0x7f0000000380)="3bfccc9297bb83b2eb22703da0bd8f6dfb51a6426d4c555bd60fa0c1e0c419466ebfd928dde87f1e4524fd77578ffa149c885ea69a54399f4c1d475507f94ae9e64f8610b013dd4d3aedb41555286489c80ecfe3de24cc44f3f54f602aed8ed1c63958dd3f", 0x65}, {&(0x7f0000000400)="774dabe354ff9d6661da9fedc3ae183fc254b5696ddc53d4ad40422de788efbe6d3094e4435df6918327ec4e6a0748407e098e81d6c63e1ac6ed86aa9daf17ff4e9a4f56c7113fe599e920c07ffc57af169033eb9cefce4b0f6d87192377da0d21902687b8d185392794f34a528c0572d0ef2f668ea4d8dacc4cb24ca3750a81a1a17ac14c3f9cee3f62de0c3f276fd6f4372a11169c20db751307b0a2ae30aca6db4d26924c2ab797d5b8dd831710c4d5ffa144244141768609ff467637e6", 0xbf}], 0x5, 0xfffffffd, 0x1ff, 0xe)
recvmsg$unix(r8, &(0x7f0000000600)={&(0x7f0000000580)=@abs, 0x6e, &(0x7f0000000d00)=[{&(0x7f0000000680)=""/94, 0x5e}, {&(0x7f0000000700)=""/67, 0x43}, {&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000002940)=""/4096, 0x1000}, {&(0x7f0000000780)=""/118, 0x76}, {&(0x7f0000000800)=""/184, 0xb8}, {&(0x7f00000008c0)=""/127, 0xffffffffffffffd3}, {&(0x7f0000002780)=""/226, 0xdb}, {&(0x7f0000000c00)=""/229, 0xe5}], 0x9}, 0x102)
openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x2a100, 0x4)
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r9, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r9, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

3m5.627705941s ago: executing program 5 (id=6179):
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf2502000000060001004e23000006000a004e240000080008000000000088000600e000000208000b00", @ANYRES32=0x0], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x40)

3m4.946884411s ago: executing program 5 (id=6180):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

3m4.930426261s ago: executing program 33 (id=6180):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

2m53.119470861s ago: executing program 6 (id=6281):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e27, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0xa}, 0x1c, &(0x7f0000000500)}}], 0x1, 0x8725825c5d8e0b4f)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r0], 0x1000f)

2m53.087170291s ago: executing program 6 (id=6282):
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x80, @local, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000002c0)="18", 0x1}], 0x1}}], 0x1, 0x110)
shutdown(r1, 0x1)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x1}, &(0x7f0000000080)=0xc)
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='oom_score_adj\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000030000fcdbdf252400000018000180140002006970365f76746930"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003280)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

2m53.015904882s ago: executing program 6 (id=6283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
faccessat(0xffffffffffffffff, 0x0, 0x104)

2m52.939635124s ago: executing program 6 (id=6284):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r1}, 0x18)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = msgget(0x1, 0x2b0)
msgrcv(r3, 0x0, 0x0, 0x2, 0x2000)
r4 = syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = getpgid(r4)
r6 = syz_pidfd_open(r5, 0x0)
pidfd_send_signal(r6, 0x21, 0x0, 0x4)
msgrcv(r3, 0x0, 0x0, 0x2, 0x0)
msgctl$IPC_RMID(r3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r8 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

2m52.297570694s ago: executing program 6 (id=6289):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f727400000005000100070000000c000780080012"], 0x58}}, 0x0)

2m52.139034016s ago: executing program 3 (id=6292):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

2m52.112090756s ago: executing program 3 (id=6293):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@mask_cswp={0x58, 0x114, 0x9, {{0xc403, 0x5}, &(0x7f0000000140)=0x9, 0x0, 0xe3c, 0x6, 0xbbc, 0xfd9b, 0x0, 0x5}}, @mask_cswp={0x58, 0x114, 0x9, {{0x2a6, 0x9}, 0x0, 0x0, 0x7fff, 0xffffffff9e4f60a7, 0x6, 0x1, 0x38, 0x7}}], 0xb0}, 0x0)

2m52.087736207s ago: executing program 3 (id=6295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m51.995921658s ago: executing program 6 (id=6296):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482566956555ee923c65973c0b0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ca475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0x20e9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2m51.995487478s ago: executing program 34 (id=6296):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482566956555ee923c65973c0b0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ca475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0x20e9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2m51.148866331s ago: executing program 3 (id=6300):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r1}, 0x18)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = msgget(0x1, 0x2b0)
msgrcv(r2, 0x0, 0x0, 0x2, 0x2000)
r3 = syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = getpgid(r3)
r5 = syz_pidfd_open(r4, 0x0)
pidfd_send_signal(r5, 0x21, 0x0, 0x4)
msgrcv(r2, 0x0, 0x0, 0x2, 0x0)
msgctl$IPC_RMID(r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

2m50.584924469s ago: executing program 3 (id=6307):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x6, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="17fa00000000090000000400000000001c110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) (fail_nth: 3)

2m50.423799702s ago: executing program 3 (id=6308):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newlink={0x1b4, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x600}, [@IFLA_VFINFO_LIST={0x194, 0x16, 0x0, 0x1, [{0xdc, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0x80, 0x5a9}}, @IFLA_VF_VLAN_LIST={0xcc, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x1, 0xbd0, 0x4, 0x88a8}}, {0x14, 0x1, {0x9, 0x4a7, 0xc992, 0x9a8}}, {0x14, 0x1, {0x40, 0x417, 0x1000, 0x8100}}, {0x14, 0x1, {0x0, 0x7c5, 0x101, 0x88a8}}, {0x14, 0x1, {0xfffffffe, 0xcbe, 0x7, 0x88a8}}, {0x14, 0x1, {0x2, 0x2b6, 0x5, 0x88a8}}, {0x14, 0x1, {0x1, 0xc2d, 0xed0, 0x8100}}, {0x14, 0x1, {0x5, 0xfdd, 0x9, 0x8100}}, {0x14, 0x1, {0x2, 0xb26, 0x7, 0x88a8}}, {0x14, 0x1, {0x1, 0xc1e, 0x7, 0x88a8}}]}]}, {0xb4, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}}}, @IFLA_VF_IB_PORT_GUID={0x14}, @IFLA_VF_TX_RATE={0xc, 0x3, {0xfffffffe, 0x5}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0xd, 0xb}}, @IFLA_VF_TRUST={0xc, 0x9, {0x9, 0x9}}, @IFLA_VF_TRUST={0xc, 0x9, {0x0, 0xb4b30ff}}, @IFLA_VF_VLAN={0x10, 0x2, {0xdbc, 0xc7a, 0x2}}, @IFLA_VF_MAC={0x28, 0x1, {0x4}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0x3, 0x8}}]}]}]}, 0x1b4}, 0x1, 0x2}, 0x4080)

2m50.412212762s ago: executing program 35 (id=6308):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newlink={0x1b4, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x600}, [@IFLA_VFINFO_LIST={0x194, 0x16, 0x0, 0x1, [{0xdc, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0x80, 0x5a9}}, @IFLA_VF_VLAN_LIST={0xcc, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x1, 0xbd0, 0x4, 0x88a8}}, {0x14, 0x1, {0x9, 0x4a7, 0xc992, 0x9a8}}, {0x14, 0x1, {0x40, 0x417, 0x1000, 0x8100}}, {0x14, 0x1, {0x0, 0x7c5, 0x101, 0x88a8}}, {0x14, 0x1, {0xfffffffe, 0xcbe, 0x7, 0x88a8}}, {0x14, 0x1, {0x2, 0x2b6, 0x5, 0x88a8}}, {0x14, 0x1, {0x1, 0xc2d, 0xed0, 0x8100}}, {0x14, 0x1, {0x5, 0xfdd, 0x9, 0x8100}}, {0x14, 0x1, {0x2, 0xb26, 0x7, 0x88a8}}, {0x14, 0x1, {0x1, 0xc1e, 0x7, 0x88a8}}]}]}, {0xb4, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}}}, @IFLA_VF_IB_PORT_GUID={0x14}, @IFLA_VF_TX_RATE={0xc, 0x3, {0xfffffffe, 0x5}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0xd, 0xb}}, @IFLA_VF_TRUST={0xc, 0x9, {0x9, 0x9}}, @IFLA_VF_TRUST={0xc, 0x9, {0x0, 0xb4b30ff}}, @IFLA_VF_VLAN={0x10, 0x2, {0xdbc, 0xc7a, 0x2}}, @IFLA_VF_MAC={0x28, 0x1, {0x4}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0x3, 0x8}}]}]}]}, 0x1b4}, 0x1, 0x2}, 0x4080)

2m16.192017432s ago: executing program 7 (id=6694):
r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x400360, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
sigaltstack(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00'}, 0x18)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

2m16.043253604s ago: executing program 7 (id=6696):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8000000}, 0x18)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64=r6], 0x20)

2m16.012540364s ago: executing program 7 (id=6697):
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000006bc0)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x80, @local, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000002c0)="18", 0x1}], 0x1}}], 0x1, 0x110)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x1}, &(0x7f0000000080)=0xc)
r1 = syz_open_procfs(0x0, &(0x7f0000000340)='oom_score_adj\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010000030000fcdbdf252400000018000180140002006970365f76746930"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2007, @fd=r1, 0x0, 0x0, 0x0, 0x8d9bbfcb0901826e})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r3, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)="bbf58c0fffef7c7a466a1716af9006c77e4b0a165120b09a97235857ef5e78971a53a74779bc9c341eb936a86ac56541043de2821f1a4b8ea7a581d51700f27d8d9af66501db53833a259c296e7d34d82d30591c93489f3f4c0ab9522e93ff4456f2d99e95f20de1b03e63cda82290e0d789568d2f33393072c412b63426d701be0280b80e28062b2a201eeb93b206e4c56b62792ca8a5164c1592a4ce8223661f8bc4fc84a476adbb59d754eed3e027dd934e45265d2e8033807502d433c6c27d7de0af780937e71def6af10ab1b2268d7beda5c1bf45caed8f4228b221e65ca02394207aa35337ca1579e89abab62074696c21ddfbde4e7ac4ba765b3cecfb1f3559d58e6654864f", &(0x7f0000000740), 0x1, r6, 0x4}, 0x38)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x2}, 0x18)

2m15.524211792s ago: executing program 7 (id=6703):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xe, 0xb, &(0x7f0000000700)=ANY=[@ANYRESHEX=r0], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x42af, &(0x7f0000000280)={0x0, 0xac4, 0x400, 0x3, 0x23e}, &(0x7f0000000080), &(0x7f0000000200))
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000000300))
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000340)=[r2, r3, r1, r1, r1, r1, r1, r1, r1], 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
r4 = memfd_secret(0x80000)
fcntl$setlease(r4, 0x400, 0x0)
fsetxattr$system_posix_acl(r4, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
stat(&(0x7f0000000800)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000440)='./file0\x00', 0x52, &(0x7f0000000940)={[{@norecovery}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'pagemap\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x38, 0x37, 0x64, 0x37, 0x37, 0x66, 0xe884cb4e3f984bb3], 0x2d, [0x34, 0x0, 0x39, 0x34], 0x2d, [0x2f34a4e58530bd5c, 0x66, 0x31, 0x73082a6e5dcbdde6], 0x2d, [0x62, 0x6e, 0x39, 0x39], 0x2d, [0x33, 0x37, 0x37, 0x34, 0x30, 0x36, 0x36, 0x64]}}}, {@uid_gt={'uid>', r5}}, {@fsname={'fsname', 0x3d, '[]*'}}, {@obj_user={'obj_user', 0x3d, 't-)-/{@:\xb5%\xc7\xccS\xc2\xb9\x84\xd8l*Z\xf2L\x1c\xb3J\xcf\xa1\xa1\x00\x00\x00\x00\x00\x00\x00\x03\xbaG\xf6erj\x10hy\xe4\"\x8f\v\x80]\x82\t\xf3u\x9d\x89c\'y\x921\x96\xfa\xc8\xfe\xf3Y\xee\x12\xfa#K\x1b\xbe\aFK*S\xd3\x80\x16|\xdb\xac\xbet\xcd\xe9%\xe5f\xaa\xe1\x9c\xa2:\x9e}B\xa1\x0f\xf4\xe5\x91G'}}, {@euid_lt={'euid<', r5}}, {@smackfsfloor={'smackfsfloor', 0x3d, '+}[)*'}}, {@appraise_type}, {@permit_directio}, {@appraise}]}, 0xee, 0x477, &(0x7f0000000f40)="$eJzs3E1oXEUcAPD/e/nqp4m1frS2Gq1i8SNp0g978KIoeFAQ9FDxFJO01KaNNBFsKVo91KMUvItHwbvgSS+iHkTwqncpFClCq6eV2X0v3Wx306TZZNvu7we7mXnzwsx/503e7MxuAuhaw+kpi9gSEX9ExGAtu/iE4dqPa1fOTf575dxkFpXKm39n1fOuXjk3WZ5a/t7mWqZSiRhIyYEm9V54J2JiZmb6dJEfnT/5/ujcmbPPHT85cWz62PSp8cOHD+zf3X9o/OCq4suLnymuqzs/mt2149W3L74+eeTiuz9/k45vKcrr47glKdoGw7VXt9Gj6enJVVV2W/k1PW2tO5D1tj55ZB0axPL1RETqrr7q+B+Mnti4UDYYr3za0cYBa6pSqVSa3Z8L5yvAXSyLTrcA6IzyRp/e/5aPdZp63BYuv1h7A5TivlY8aiW9C2sHfQ3vb9tpOCKOnP/vy/SIdqxDAADcxPdp/vNss/lfHg/UnXdPsYcyFBH3RsS2iLgvIrZHxP0R1XMfjIiHVlh/4w7JjfOf/NItBbZMaf73QrG3tXj+V87+YqinyG2txt+XHT0+M72veE32Rt9Ayo8tUccPL//+eZne0FBWP/9Lj1R/ORcs2nGpt2GBbmpifmK1cZcufxKxs7dZ/FmU2zhZROyIiJ23WMfxp7/e1ars5vEvYYl9puWqfBXxVK3/z8ei+K93VdZyf3Ls+UPjB0c3xMz0vtHyqrjRL79deKNV/auKvw1S/29qev0v7AIPZRsi5s6cPVHdr51beR0X/vysbkwv2l1O8effRqz4+u/P3qqm+4tjH07Mz58ei+jPXrvx+Pj13y3z5fkp/r17mo//bXUtfjgi0kW8OyIeKTZxU989FhGPR8SeJeL/6aUn3mtV1rr/l1iVb6MU/9TN+j/q+3/liZ4TP3638vhLqf8PVFN7iyPL+fu33Aau5rUDAACAO0Ve/Qx8lo8spPN8ZKT2Gf7tsSmfmZ2bf+bo7AenpmqflR+Kvrxc6RqsWw8dK9aGy/x4Q35/sW78Rc/Gan5kcnZmqtPBQ5fb3GL8J3/1dLp1wJprwz4acIcy/qF7Gf/QvYx/6F7GP3SvZuP/4w60A1h/7v/QvZqP/8avKgJ3oxXe//9Zq3YA68/8H7pSy+/G57Wi/lV+978zifJ/J9wu7elQYuNaVhF55wPsikTvWl/GA02LOvyHCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE3+DwAA//82h+Ia")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket(0x840000000002, 0x3, 0xff)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc804)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ptrace(0x10, r7)
ptrace$poke(0x5, r7, &(0x7f0000000080), 0x0)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000008c0), 0x5, r8}, 0x38)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x1}, 0x8)

2m14.96793715s ago: executing program 7 (id=6711):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e80)={&(0x7f0000000e00)='sched_switch\x00', r0, 0x0, 0x51}, 0x18)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
write$cgroup_int(r2, &(0x7f00000001c0)=0x8200000000000000, 0xfffffdef)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10)
r6 = gettid()
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2082)
read(r7, &(0x7f0000000100)=""/140, 0xde)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000040)={0x197, @tick, 0x0, {}, 0xff, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r7, 0xc0605345, &(0x7f00000001c0)={0xfffffffd, 0x2, {0xffffffffffffffff, 0x0, 0x8, 0x3, 0x8}, 0x3})
tkill(r6, 0x7)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x5, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c4607"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m11.256889287s ago: executing program 7 (id=6774):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)

2m11.225831067s ago: executing program 36 (id=6774):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)

7.194190651s ago: executing program 2 (id=8643):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

7.136161662s ago: executing program 2 (id=8644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400001c00000085000000150000009500000000000000c8edbf9e6eb0d8458a"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.033000354s ago: executing program 2 (id=8645):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0x38, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x28, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic, @typed={0x4, 0x20e9}]}]}, 0x38}], 0x1, 0x0, 0x0, 0x1}, 0x0)

6.806664297s ago: executing program 2 (id=8655):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/power/pm_trace', 0x24801, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000840)={&(0x7f0000000700), 0xc, &(0x7f0000000800)={&(0x7f0000000740)=@deltaction={0x98, 0x31, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x14, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x2c, 0x1, [{0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x40800)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r6=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000340)={{{@in=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f0000000100)=0xe8)
sendmsg$nl_xfrm(r5, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=@delpolicy={0x234, 0x14, 0x100, 0x70bd29, 0x25dfdbfd, {{@in=@multicast1, @in=@broadcast, 0x4e23, 0xfffd, 0x4e20, 0x2dd0, 0xa, 0x0, 0x0, 0x73, r6, r8}, 0x6e6bb0}, [@tmpl={0x84, 0x5, [{{@in6=@mcast1, 0x4d4, 0xff}, 0x2, @in6=@loopback, 0x3507, 0x1, 0x3, 0x1, 0x6, 0x1, 0x4}, {{@in6=@private2={0xfc, 0x2, '\x00', 0xda}, 0x4d4, 0x3c}, 0xa, @in=@private=0xa010100, 0x3507, 0x1, 0x0, 0xb0, 0x1, 0x9, 0x2}]}, @coaddr={0x14, 0xe, @in=@multicast2}, @algo_auth={0x12b, 0x1, {{'poly1305-simd\x00'}, 0x718, "8c3185991e81301a7a901a3b113d6051137de098726a436cde5145c695a7e8b39ce0a959e85e6583dbea9f48e5c4ab4f2b78a5d287d5fb68c713e2798c337f2cb6f3e3ec25023a83cb9b8f94f0553acdd053fbd89b01cfb68f9e35103d4d176a5c78d7aaf30b45954e8e1729769db5f84645c3dcd71e4d21be797d6343c468a5a3594b4dae08096ecc892fd60d9557f8c4ba3a56536902e2a9fc6c31190ab219276e530d5fc56b48c946d7c3286cf3a97ea1b46d322400e9acc5a24500946d3046d4ce8285c1c26eeb3f8581806f21b905b8013651e61f664ff6b187061fbb15e893e5"}}, @XFRMA_IF_ID={0x8, 0x1f, 0x3}, @replay_val={0x10, 0xa, {0x70bd2c, 0x70bd29, 0x3}}, @XFRMA_IF_ID={0x8, 0x1f, 0x3}]}, 0x234}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{r3, <r9=>0xffffffffffffffff}, &(0x7f0000000880), &(0x7f0000000940)=r3}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000d00)={0x3, <r10=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x30, &(0x7f00000009c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3051}, @generic={0x9, 0xc, 0x6, 0x0, 0x8000}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000b40)='syzkaller\x00', 0x800, 0xde, &(0x7f0000000c00)=""/222, 0x40f00, 0x12, '\x00', r7, @fallback=0x25, r4, 0x8, &(0x7f0000000b80)={0xa, 0x3}, 0x8, 0x10, 0x0, 0x0, r10, r2, 0x2, &(0x7f0000000d40)=[r4], &(0x7f0000000d80)=[{0x2, 0x3, 0x3, 0x1}, {0x1, 0x1, 0x7, 0xc}], 0x10, 0x4, @void, @value}, 0x94)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r11, 0x0, 0xbfd1, 0x0)

5.902346981s ago: executing program 2 (id=8672):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="05000000040000009900"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8000000}, 0x18)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64=r6], 0x20)

5.720043373s ago: executing program 2 (id=8674):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0xa8, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x96, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bf", @typed={0x4, 0x20e9}]}]}, 0xa8}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.657102975s ago: executing program 0 (id=8708):
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
r0 = syz_open_procfs(0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2007, @fd=r0, 0x0, 0x0, 0x0, 0x8d9bbfcb0901826e})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r1, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x1, r4, 0x4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)

1.579214887s ago: executing program 1 (id=8710):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000c00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, 0x0, 0x0)
close(r1)

1.463980908s ago: executing program 1 (id=8711):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0xf8, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0xe8, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482566956555ee923c65973c0b0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ca475f00ac64337803", @typed={0x4, 0x20e9}]}]}, 0xf8}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.32375452s ago: executing program 1 (id=8713):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.285005761s ago: executing program 0 (id=8714):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x4c}}, 0x0)

1.217066772s ago: executing program 0 (id=8715):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x80, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x3}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x100}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)
r4 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000, 0x10001}, 0x0, 0x0, 0x7, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000180)='cpu==0||!')

1.159839423s ago: executing program 0 (id=8716):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2082)
read(r2, &(0x7f0000000100)=""/140, 0xde)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x197, @tick, 0x0, {}, 0xff, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r2, 0xc0605345, &(0x7f00000001c0)={0xfffffffd, 0x2, {0xffffffffffffffff, 0x0, 0x8, 0x3, 0x8}, 0x3})
tkill(r1, 0x7)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/616], 0x310)

940.185146ms ago: executing program 0 (id=8719):
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0xa)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x35c, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f00000103c0)=ANY=[@ANYBLOB="1800000002000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="010000000300"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000780)={[{@data_err_ignore}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@delalloc}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@quota}]}, 0x41, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080))

854.209507ms ago: executing program 1 (id=8721):
unshare(0x20000400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18)
readahead(0xffffffffffffffff, 0x5, 0x3)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

847.788698ms ago: executing program 0 (id=8722):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000008c0)=ANY=[], 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008000000"], 0x48)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES64=r2, @ANYBLOB="697c965b0f4283d3238a0b6b5ce44c2f82185a9e181cb589c958391735b256ffe1656d18f5f72f9ebfc8c0c7eb9a796cf6e01385d4c5ca33e333001c2f03a78f05033873f6a9d97df831af1ebb4a9308dabdf264f310439aa70e9af4827db75e38d3357e44dd7b2572e4f33a6f80566189"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x400000000000004)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)
r7 = socket(0x10, 0x80002, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f00000000c0)={<r9=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x6, &(0x7f0000000140)={r9, @in6={{0xa, 0x4e21, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}}}, &(0x7f0000000000)=0x84)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@RTM_NEWMDB={0x17, 0x55, 0x1e5, 0x7, 0xffffffff, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@in6_addr=@private1, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48c0}, 0x40004c0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b000000"], 0x4c}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x1}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

798.497298ms ago: executing program 8 (id=8723):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000011c0)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@remote, 0x4e20, 0x8000, 0x4e23, 0x1, 0x2, 0x20, 0x180, 0x8, 0x0, r4}, {0x9, 0x7fffffff, 0x1, 0x5, 0x10001, 0x7, 0x7fffffff, 0xd666}, {0x4b0, 0x0, 0x4, 0xfffffffffffffffd}, 0x7, 0x0, 0x2, 0x0, 0x1, 0x2}, {{@in6=@loopback, 0x4d5, 0xff}, 0xa, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x3506, 0x1, 0x1, 0x0, 0x7, 0x9, 0x4}}, 0xe8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001200)=ANY=[@ANYBLOB="61124c00000000006113300000000000bf300000000000002500070007ffffffbd0201000000000095002000000000006916320000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee60090bf050000000000000c5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f055af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6901fcecc8158f0200000000c8fb735fd552bdc268694aeb0763f65e439ec1120843e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3abd5dedd3f7d2cf5834f2af97787f696649a46e17e090000000000000045eac1720e83b7838e3eede14308d582685e1becd6f35154bcb400000000000000000000008129277dc467148670ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbfea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f14c3f2ed6c64ec90000022d600000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca51c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233ba3d4ce26ed703dcb9fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c17d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be6910023a26faea764fae160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7beecaaa61e7a726571df5cf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da046c7aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ce27e134548032a307871cea4c89d4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b8748d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b25055e786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc136464025013665b1cf26a863a5cb3e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a56c4f3f265a09628878040000000000000017b68afd95d4abd79286692439ee7acca2adc3d83d72b1b778e30c2bf2efbbcd054cf51f5705eb0faa8a0d9f18135cb1d8d567c3436fa697b72c5035d98b9e4f7f3379c0b3339debc78352b2e65299223d7ef2bd540e78167a3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586331eb5995d2288a167b7c6b20b32116b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22db669560d296287c13c92070000ee7553eb2df17a39542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c887081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee6609cf26ae4a8f5eac0ebf318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0f72c4a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1a706ec201eedfa5fbdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98c5a471f3521956f8da6a4ccf2071095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5a071ba22251e2de8bac16e79da9c2444d52facb7ab49420900000000000000f888a94365b99b72796fde1b922fc9ae09b526efca65faf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837be14d6a483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c79c846e403910bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be0000fdde69c350e59f11f1d26a4d04d8c8b2c4a4d23ee931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f647e1f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680faa8cf38dbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705113a5ce1c99193886d6008d3565b00000000000000000000000000000000001c260fc175785ca04e31790f542c0f17b6599e93134792eae9878638b299e1d2b38d367be0d5c99d179c6bde265caebbae48bae74338f9d4f12f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}, 0x0)
socket$kcm(0xa, 0x2, 0x73)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000021c0))
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0x5, 0xfffffffa, 0x1, 0xb3a}, 0xb6, 0x0, 0xffff, 0x2, 0x508, 0x14, 0x1e, 0x1d, 0x5, 0xff, {0x6, 0x9c22, 0x9, 0x10, 0x4, 0x8}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40008d1}, 0x0)

796.140818ms ago: executing program 1 (id=8724):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, &(0x7f0000000000), 0x0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x0, 0x62f72a3a9d6770bc, 0x0, 0x4}, 0x8}, [{}, {0x0, 0x0, 0x0, 0x0, 0x2000}, {}, {}, {}, {0x448eade7, 0x0, 0xc}, {0x0, 0x0, 0x7}, {0x0, 0x0, 0xb}, {}, {0x0, 0x0, 0x0, 0x0, 0x7ff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0xfffffffd}, {}, {}, {0x0, 0x20000000, 0x0, 0xfffffffe, 0x1007}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x303}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xfffffff9, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {}, {0x0, 0x0, 0xc}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x4000}, {0xfffffffe}, {}, {0xd5}, {0x0, 0x0, 0x0, 0xa13}, {}, {0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0xffff8001}, {}, {}, {0x8, 0x0, 0x0, 0x1, 0x800}, {}, {0x2, 0x0, 0xffffffff}, {0x0, 0x5, 0x0, 0x0, 0x2}, {}, {0x2}, {0x0, 0x0, 0x0, 0x0, 0x7, 0xffff67ce}, {}, {}, {0x0, 0x0, 0x0, 0x7, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x8001}, {0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x233}, {}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x72f1}, {0x0, 0x0, 0xd7ed}, {0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x2}, {0x0, 0x4}, {0x0, 0x0, 0xfffffffd, 0x4000}, {}, {0x0, 0x0, 0xfffffffd}, {}, {0x814}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {0x3}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffffffa, 0x0, 0x0, 0x2}, {0xd6, 0x0, 0x0, 0x0, 0x2}, {0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x5f}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x10000}, {}, {0x0, 0x0, 0x0, 0x20000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x1}], [{}, {0x5}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x5, 0x1}, {0x4, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x7}, {}, {}, {}, {}, {0xc, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x5}, {}, {}, {0x5}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x7afca22067ae7b97}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3, 0x1}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x6}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x100}, 0x40)

546.039622ms ago: executing program 1 (id=8725):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, 0x0, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, &(0x7f00000006c0)=0x5, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1b, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x82}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x7, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}], 0x2c, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r4, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)

534.615002ms ago: executing program 9 (id=8726):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x80, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x3}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x400001, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x3, 0x2}}, [@tmpl={0x104, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@mcast2}, {{@in6=@local, 0x0, 0x33}, 0x0, @in=@loopback}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x0, @in=@rand_addr=0x64010101}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002100)={&(0x7f0000000640)='console\x00', r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x100}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000700)="6ba095cec5061c959f", 0x9}], 0x5}}], 0x1, 0x40400c1)
r5 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000, 0x10001}, 0x0, 0x0, 0x7, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000180)='cpu==0||!')

485.462643ms ago: executing program 8 (id=8727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8000000}, 0x18)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64=r6], 0x20)

460.819783ms ago: executing program 9 (id=8728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8000000}, 0x18)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYRES64=r6], 0x20)

399.953164ms ago: executing program 8 (id=8729):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2082)
read(r2, &(0x7f0000000100)=""/140, 0xde)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x197, @tick, 0x0, {}, 0xff, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r2, 0xc0605345, &(0x7f00000001c0)={0xfffffffd, 0x2, {0xffffffffffffffff, 0x0, 0x8, 0x3, 0x8}, 0x3})
tkill(r1, 0x7)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/637], 0x310)

399.415394ms ago: executing program 9 (id=8730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x8000000}, 0x18)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r3, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
socket$kcm(0x2, 0x200000000000003, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYRES64=r5], 0x20)

336.697795ms ago: executing program 9 (id=8731):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={<r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000140000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r1=>r0, {0x80000001}}, './cgroup.cpu/cgroup.procs\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1a, &(0x7f0000000580)=ANY=[@ANYBLOB="180000e702000076e80b9bce3b970cff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000186300001000000000000000010000001860000004000000000000000600000018690000020000000000000008000000186400000900000000000000ff010000950000000000000007ed0500010100009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsetxattr$security_selinux(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000200), &(0x7f0000000000)='system_u:object_r:devtty_t:s0\x00', 0x1e, 0x3)

283.401336ms ago: executing program 9 (id=8732):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
creat(&(0x7f0000000280)='./bus\x00', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newlink={0x1a8, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x600}, [@IFLA_VFINFO_LIST={0x188, 0x16, 0x0, 0x1, [{0xdc, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0x80, 0x5a9}}, @IFLA_VF_VLAN_LIST={0xcc, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x1, 0xbd0, 0x4, 0x88a8}}, {0x14, 0x1, {0x9, 0x4a7, 0xc992, 0x9a8}}, {0x14, 0x1, {0x40, 0x417, 0x1000, 0x8100}}, {0x14, 0x1, {0x0, 0x7c5, 0x101, 0x88a8}}, {0x14, 0x1, {0xfffffffe, 0xcbe, 0x7, 0x88a8}}, {0x14, 0x1, {0x2, 0x2b6, 0x5, 0x88a8}}, {0x14, 0x1, {0x1, 0xc2d, 0xed0, 0x8100}}, {0x14, 0x1, {0x5, 0xfdd, 0x9, 0x8100}}, {0x14, 0x1, {0x2, 0xb26, 0x7, 0x88a8}}, {0x14, 0x1, {0x1, 0xc1e, 0x7, 0x88a8}}]}]}, {0xa8, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}}}, @IFLA_VF_IB_PORT_GUID={0x14}, @IFLA_VF_TX_RATE={0xc, 0x3, {0xfffffffe, 0x5}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0xd, 0xb}}, @IFLA_VF_TRUST={0xc, 0x9, {0x0, 0xb4b30ff}}, @IFLA_VF_VLAN={0x10, 0x2, {0xdbc, 0xc7a, 0x2}}, @IFLA_VF_MAC={0x28, 0x1, {0x4}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0x3, 0x8}}]}]}]}, 0x1a8}, 0x1, 0x2}, 0x4080)

170.531898ms ago: executing program 8 (id=8733):
unshare(0x20000400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18)
readahead(0xffffffffffffffff, 0x5, 0x3)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

170.013908ms ago: executing program 8 (id=8734):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x3, 0xff, "0062ba7d820000000001001f820dac4eb71eed"})
r1 = syz_open_pts(r0, 0x800)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
setsockopt$sock_timeval(r2, 0x1, 0x43, &(0x7f0000000180), 0x10)

142.985578ms ago: executing program 9 (id=8735):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000080000000000008000001d8500000007000000850000002a00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x41, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$inet(r2, &(0x7f0000000fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000380)="92e0", 0x2}], 0x1}, 0x1000000}], 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newtaction={0x70, 0x30, 0xffff, 0x0, 0x25dfdbff, {}, [{0x5c, 0x1, [@m_ife={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x10, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x949}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x0, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00'})
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, 0xffffffffffffffff, 0x0)

0s ago: executing program 8 (id=8736):
r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x400360, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='sys_enter\x00', r3}, 0x18)
sigaltstack(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000002001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00'}, 0x18)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0)

kernel console output (not intermixed with test programs):

etails
[ 1104.573182][T28304] EXT4-fs (loop8): free_blocks=2415919104
[ 1104.579272][T28304] EXT4-fs (loop8): dirty_blocks=4128
[ 1104.585162][T28304] EXT4-fs (loop8): Block reservation details
[ 1104.592117][T28304] EXT4-fs (loop8): i_reserved_data_blocks=258
[ 1104.686127][T28328] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1104.733292][T28336] netlink: 240 bytes leftover after parsing attributes in process `syz.1.7972'.
[ 1104.756329][T28338] loop0: detected capacity change from 0 to 1024
[ 1104.773862][T28338] EXT4-fs: Ignoring removed nobh option
[ 1104.779635][T28338] EXT4-fs: Ignoring removed bh option
[ 1104.820908][T28336] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7972'.
[ 1104.865528][   T37] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1104.902079][T28338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1104.950315][T28338] EXT4-fs (loop0): shut down requested (0)
[ 1104.959217][T28348] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7969'.
[ 1105.013300][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1105.212796][T28339] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1105.254195][T28339] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1105.267301][T28339] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1105.267301][T28339] 
[ 1105.267440][T28353] loop2: detected capacity change from 0 to 512
[ 1105.277342][T28339] EXT4-fs (loop9): Total free blocks count 0
[ 1105.277366][T28339] EXT4-fs (loop9): Free/Dirty block details
[ 1105.288767][T28356] netlink: 240 bytes leftover after parsing attributes in process `syz.1.7978'.
[ 1105.290389][T28339] EXT4-fs (loop9): free_blocks=2415919104
[ 1105.299297][T28353] EXT4-fs: Ignoring removed orlov option
[ 1105.305613][T28339] EXT4-fs (loop9): dirty_blocks=8208
[ 1105.305633][T28339] EXT4-fs (loop9): Block reservation details
[ 1105.312453][T28353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1105.317220][T28339] EXT4-fs (loop9): i_reserved_data_blocks=513
[ 1105.350251][T28356] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7978'.
[ 1105.366682][T28357] netlink: 'syz.0.7976': attribute type 10 has an invalid length.
[ 1105.387569][T28353] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1105.417334][T28353] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7977: bg 0: block 248: padding at end of block bitmap is not set
[ 1105.464925][ T5797] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1105.484986][T28353] __quota_error: 80 callbacks suppressed
[ 1105.485006][T28353] Quota error (device loop2): write_blk: dquota write failed
[ 1105.499614][T28353] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1105.510227][T28353] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7977: Failed to acquire dquot type 1
[ 1105.530612][T28353] EXT4-fs (loop2): 1 truncate cleaned up
[ 1105.537377][T28353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1105.608578][T28353] netlink: 'syz.2.7977': attribute type 1 has an invalid length.
[ 1105.616654][T28353] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7977'.
[ 1105.679144][T28357] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1105.718278][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1105.763414][T28373] loop9: detected capacity change from 0 to 1024
[ 1105.800026][T28373] EXT4-fs: Ignoring removed bh option
[ 1105.825624][T28377] SELinux: syz.2.7983 (28377) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1105.873230][T28373] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1106.053140][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1106.255951][T28388] loop0: detected capacity change from 0 to 2048
[ 1106.689522][T28394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7990'.
[ 1106.954020][T28402] loop8: detected capacity change from 0 to 2048
[ 1106.982162][T28388] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1107.002272][T28402] EXT4-fs (loop8): failed to initialize system zone (-117)
[ 1107.026245][T28402] EXT4-fs (loop8): mount failed
[ 1107.062593][T28402] program syz.8.7994 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1107.126105][   T29] audit: type=1400 audit(2000000919.260:12269): avc:  denied  { write } for  pid=28401 comm="syz.8.7994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1107.149362][T28402] netlink: 'syz.8.7994': attribute type 32 has an invalid length.
[ 1107.195662][   T29] audit: type=1400 audit(2000000919.290:12270): avc:  denied  { nlmsg_write } for  pid=28401 comm="syz.8.7994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1107.234216][T28418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7989'.
[ 1107.508034][T28431] loop8: detected capacity change from 0 to 2048
[ 1107.563671][T28431] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1107.629919][T28431] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1107.689696][T28412] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1107.707951][T28412] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1107.721469][T28412] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1107.721469][T28412] 
[ 1107.731634][T28412] EXT4-fs (loop0): Total free blocks count 0
[ 1107.737862][T28412] EXT4-fs (loop0): Free/Dirty block details
[ 1107.744540][T28412] EXT4-fs (loop0): free_blocks=2415919104
[ 1107.752069][T28412] EXT4-fs (loop0): dirty_blocks=4624
[ 1107.758719][T28412] EXT4-fs (loop0): Block reservation details
[ 1107.765496][T28412] EXT4-fs (loop0): i_reserved_data_blocks=289
[ 1107.816561][T23221] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1107.898084][T28448] loop9: detected capacity change from 0 to 256
[ 1108.116743][T28467] loop0: detected capacity change from 0 to 1024
[ 1108.155062][T28467] EXT4-fs: Ignoring removed nobh option
[ 1108.160775][T28467] EXT4-fs: Ignoring removed bh option
[ 1108.195166][T28467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1108.214408][T28467] EXT4-fs (loop0): shut down requested (0)
[ 1108.389974][   T29] audit: type=1326 audit(2000000920.510:12271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1108.414520][   T29] audit: type=1326 audit(2000000920.510:12272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1108.438945][   T29] audit: type=1326 audit(2000000920.510:12273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1108.464062][   T29] audit: type=1326 audit(2000000920.510:12274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1108.488459][   T29] audit: type=1326 audit(2000000920.510:12275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1108.514086][   T29] audit: type=1326 audit(2000000920.510:12276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28475 comm="syz.2.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc81e11e929 code=0x7ffc0000
[ 1109.167956][T23220] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm kworker/u8:32: bg 0: block 345: padding at end of block bitmap is not set
[ 1109.626492][T28485] loop2: detected capacity change from 0 to 512
[ 1110.168986][T23220] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 880 with error 117
[ 1110.182152][T23220] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1110.182152][T23220] 
[ 1110.199239][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.221992][T28485] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1110.235271][T28485] ext4 filesystem being mounted at /472/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1110.247164][T28485] FAULT_INJECTION: forcing a failure.
[ 1110.247164][T28485] name failslab, interval 1, probability 0, space 0, times 0
[ 1110.260355][T28485] CPU: 1 UID: 0 PID: 28485 Comm: syz.2.8018 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1110.260468][T28485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1110.260480][T28485] Call Trace:
[ 1110.260490][T28485]  <TASK>
[ 1110.260499][T28485]  __dump_stack+0x1d/0x30
[ 1110.260524][T28485]  dump_stack_lvl+0xe8/0x140
[ 1110.260546][T28485]  dump_stack+0x15/0x1b
[ 1110.260566][T28485]  should_fail_ex+0x265/0x280
[ 1110.260636][T28485]  should_failslab+0x8c/0xb0
[ 1110.260662][T28485]  kmem_cache_alloc_noprof+0x50/0x310
[ 1110.260693][T28485]  ? alloc_empty_file+0x76/0x200
[ 1110.260717][T28485]  alloc_empty_file+0x76/0x200
[ 1110.260761][T28485]  path_openat+0x68/0x2170
[ 1110.260791][T28485]  ? _parse_integer_limit+0x170/0x190
[ 1110.260822][T28485]  ? _parse_integer+0x27/0x40
[ 1110.260846][T28485]  ? kstrtoull+0x111/0x140
[ 1110.260935][T28485]  ? kstrtouint+0x76/0xc0
[ 1110.260963][T28485]  do_filp_open+0x109/0x230
[ 1110.260996][T28485]  do_sys_openat2+0xa6/0x110
[ 1110.261025][T28485]  __x64_sys_open+0xe6/0x110
[ 1110.261051][T28485]  x64_sys_call+0x14d4/0x2fb0
[ 1110.261072][T28485]  do_syscall_64+0xd2/0x200
[ 1110.261097][T28485]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1110.261149][T28485]  ? clear_bhb_loop+0x40/0x90
[ 1110.261172][T28485]  ? clear_bhb_loop+0x40/0x90
[ 1110.261191][T28485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1110.261216][T28485] RIP: 0033:0x7fc81e11e929
[ 1110.261236][T28485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1110.261324][T28485] RSP: 002b:00007fc81c745038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1110.261347][T28485] RAX: ffffffffffffffda RBX: 00007fc81e346160 RCX: 00007fc81e11e929
[ 1110.261359][T28485] RDX: 0000000000000000 RSI: 000000000014b27e RDI: 0000200000000180
[ 1110.261382][T28485] RBP: 00007fc81c745090 R08: 0000000000000000 R09: 0000000000000000
[ 1110.261397][T28485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1110.261412][T28485] R13: 0000000000000000 R14: 00007fc81e346160 R15: 00007ffc0665e9d8
[ 1110.261434][T28485]  </TASK>
[ 1110.806592][   T29] kauditd_printk_skb: 17 callbacks suppressed
[ 1110.806613][   T29] audit: type=1326 audit(2000000922.920:12294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28488 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1110.955023][   T29] audit: type=1326 audit(2000000923.000:12295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28488 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1110.955379][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.996934][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1111.035383][   T29] audit: type=1326 audit(2000000923.160:12296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.062109][   T29] audit: type=1326 audit(2000000923.160:12297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.087716][   T29] audit: type=1326 audit(2000000923.160:12298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.112441][   T29] audit: type=1326 audit(2000000923.160:12299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.122595][T28510] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8028'.
[ 1111.137676][   T29] audit: type=1326 audit(2000000923.160:12300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.172618][   T29] audit: type=1326 audit(2000000923.160:12301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.199561][   T29] audit: type=1326 audit(2000000923.160:12302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.225890][   T29] audit: type=1326 audit(2000000923.160:12303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28505 comm="syz.9.8027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1111.278425][T28516] loop2: detected capacity change from 0 to 512
[ 1111.289744][T28516] EXT4-fs: Ignoring removed orlov option
[ 1111.296161][T28516] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1111.310519][T28516] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1111.318303][T28516] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8026: bg 0: block 248: padding at end of block bitmap is not set
[ 1111.342030][T28516] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8026: Failed to acquire dquot type 1
[ 1111.354315][T28516] EXT4-fs (loop2): 1 truncate cleaned up
[ 1111.362445][T28516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1111.391639][T28516] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[ 1111.626030][T28516] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1111.688743][T28534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8034'.
[ 1111.765691][T28516] ext4 filesystem being remounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1111.913842][T28516] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8026: Failed to acquire dquot type 1
[ 1112.023807][T28542] loop8: detected capacity change from 0 to 1024
[ 1112.123422][T28542] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1112.355152][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1112.466697][T28548] loop2: detected capacity change from 0 to 512
[ 1112.530279][T28548] EXT4-fs: Ignoring removed orlov option
[ 1112.562938][T28548] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1112.583347][T28542] SELinux: syz.8.8037 (28542) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1112.602150][T28550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8039'.
[ 1112.627689][T28548] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1112.657423][T28548] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8038: bg 0: block 248: padding at end of block bitmap is not set
[ 1112.720634][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1112.740085][T28548] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8038: Failed to acquire dquot type 1
[ 1112.805796][T28548] EXT4-fs (loop2): 1 truncate cleaned up
[ 1112.824800][T28557] xt_hashlimit: size too large, truncated to 1048576
[ 1112.841663][T28548] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1112.866728][T28555] hub 6-0:1.0: USB hub found
[ 1112.965305][T28548] netlink: 'syz.2.8038': attribute type 1 has an invalid length.
[ 1112.973232][T28548] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8038'.
[ 1112.988065][T28555] hub 6-0:1.0: 8 ports detected
[ 1113.010168][T28558] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8041'.
[ 1113.087229][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.321062][T28578] loop8: detected capacity change from 0 to 2048
[ 1113.328989][T28576] loop2: detected capacity change from 0 to 2048
[ 1113.358960][T28576] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1113.378375][T28570] netlink: 'syz.9.8046': attribute type 21 has an invalid length.
[ 1113.466912][T28585] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8050'.
[ 1113.537380][T28583] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1113.572504][T28583] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1113.585445][T28583] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1113.585445][T28583] 
[ 1113.595989][T28583] EXT4-fs (loop8): Total free blocks count 0
[ 1113.602253][T28583] EXT4-fs (loop8): Free/Dirty block details
[ 1113.608247][T28583] EXT4-fs (loop8): free_blocks=2415919104
[ 1113.614092][T28583] EXT4-fs (loop8): dirty_blocks=3360
[ 1113.619472][T28583] EXT4-fs (loop8): Block reservation details
[ 1113.625571][T28583] EXT4-fs (loop8): i_reserved_data_blocks=210
[ 1113.662973][T28592] loop9: detected capacity change from 0 to 1024
[ 1113.684619][T28592] EXT4-fs: Ignoring removed bh option
[ 1113.692425][T28589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8051'.
[ 1113.802564][T28602] netlink: 240 bytes leftover after parsing attributes in process `syz.9.8054'.
[ 1113.818533][T28602] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8054'.
[ 1113.870199][T28601] netlink: 'syz.1.8055': attribute type 1 has an invalid length.
[ 1113.878666][T28601] netlink: 224 bytes leftover after parsing attributes in process `syz.1.8055'.
[ 1113.900400][T28594] loop0: detected capacity change from 0 to 128
[ 1114.153667][T23197] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[ 1114.166572][T23197] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1114.166572][T23197] 
[ 1114.205731][T28620] loop9: detected capacity change from 0 to 1024
[ 1114.211389][T28621] loop0: detected capacity change from 0 to 2048
[ 1114.230415][T28620] EXT4-fs: Ignoring removed nobh option
[ 1114.236793][T28620] EXT4-fs: Ignoring removed bh option
[ 1114.310858][T28620] EXT4-fs (loop9): shut down requested (0)
[ 1114.486405][T28637] loop9: detected capacity change from 0 to 512
[ 1114.500857][T28637] EXT4-fs: Ignoring removed orlov option
[ 1114.526610][T28637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1114.548403][T28637] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1114.586033][T28637] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8068: bg 0: block 248: padding at end of block bitmap is not set
[ 1114.681681][T28637] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.8068: Failed to acquire dquot type 1
[ 1114.723599][T28637] EXT4-fs (loop9): 1 truncate cleaned up
[ 1114.772744][T28637] netlink: 'syz.9.8068': attribute type 1 has an invalid length.
[ 1114.775937][T23207] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:19: bg 0: block 345: padding at end of block bitmap is not set
[ 1114.811589][T23207] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 241 with error 117
[ 1114.825824][T23207] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1114.825824][T23207] 
[ 1114.898575][T28635] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1114.923994][T28635] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1114.938021][T28635] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1114.938021][T28635] 
[ 1114.948476][T28635] EXT4-fs (loop0): Total free blocks count 0
[ 1114.955181][T28635] EXT4-fs (loop0): Free/Dirty block details
[ 1114.961854][T28635] EXT4-fs (loop0): free_blocks=2415919104
[ 1114.968013][T28635] EXT4-fs (loop0): dirty_blocks=8208
[ 1114.974109][T28635] EXT4-fs (loop0): Block reservation details
[ 1114.980521][T28635] EXT4-fs (loop0): i_reserved_data_blocks=513
[ 1115.032288][T28662] loop9: detected capacity change from 0 to 1024
[ 1115.039969][T28662] EXT4-fs: Ignoring removed bh option
[ 1115.138333][   T37] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1115.151660][   T37] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1115.151660][   T37] 
[ 1115.208304][T28678] program syz.2.8084 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1115.217857][T28678] FAULT_INJECTION: forcing a failure.
[ 1115.217857][T28678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1115.231395][T28678] CPU: 1 UID: 0 PID: 28678 Comm: syz.2.8084 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1115.231538][T28678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1115.231551][T28678] Call Trace:
[ 1115.231558][T28678]  <TASK>
[ 1115.231569][T28678]  __dump_stack+0x1d/0x30
[ 1115.231597][T28678]  dump_stack_lvl+0xe8/0x140
[ 1115.231657][T28678]  dump_stack+0x15/0x1b
[ 1115.231676][T28678]  should_fail_ex+0x265/0x280
[ 1115.231708][T28678]  should_fail+0xb/0x20
[ 1115.231788][T28678]  should_fail_usercopy+0x1a/0x20
[ 1115.231904][T28678]  _copy_from_user+0x1c/0xb0
[ 1115.231929][T28678]  scsi_ioctl+0x1108/0x14d0
[ 1115.231968][T28678]  ? avc_has_perm+0xd3/0x150
[ 1115.232000][T28678]  ? file_has_perm+0x324/0x370
[ 1115.232085][T28678]  ? do_vfs_ioctl+0x9df/0x11d0
[ 1115.232165][T28678]  sg_ioctl+0xdf6/0x1360
[ 1115.232199][T28678]  ? __pfx_sg_ioctl+0x10/0x10
[ 1115.232223][T28678]  __se_sys_ioctl+0xce/0x140
[ 1115.232311][T28678]  __x64_sys_ioctl+0x43/0x50
[ 1115.232336][T28678]  x64_sys_call+0x19a8/0x2fb0
[ 1115.232397][T28678]  do_syscall_64+0xd2/0x200
[ 1115.232419][T28678]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1115.232448][T28678]  ? clear_bhb_loop+0x40/0x90
[ 1115.232472][T28678]  ? clear_bhb_loop+0x40/0x90
[ 1115.232563][T28678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.232584][T28678] RIP: 0033:0x7fc81e11e929
[ 1115.232601][T28678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1115.232619][T28678] RSP: 002b:00007fc81c787038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1115.232639][T28678] RAX: ffffffffffffffda RBX: 00007fc81e345fa0 RCX: 00007fc81e11e929
[ 1115.232654][T28678] RDX: 0000200000000000 RSI: 0000000000000001 RDI: 0000000000000003
[ 1115.232668][T28678] RBP: 00007fc81c787090 R08: 0000000000000000 R09: 0000000000000000
[ 1115.232702][T28678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1115.232714][T28678] R13: 0000000000000000 R14: 00007fc81e345fa0 R15: 00007ffc0665e9d8
[ 1115.232731][T28678]  </TASK>
[ 1115.572364][T28686] xt_hashlimit: max too large, truncated to 1048576
[ 1115.575763][T28690] loop2: detected capacity change from 0 to 1024
[ 1115.587143][T28690] EXT4-fs: Ignoring removed bh option
[ 1115.706513][T28698] loop2: detected capacity change from 0 to 1024
[ 1115.739363][T28698] EXT4-fs: Ignoring removed nobh option
[ 1115.745286][T28698] EXT4-fs: Ignoring removed bh option
[ 1115.787319][T28698] EXT4-fs (loop2): shut down requested (0)
[ 1115.908108][T28714] loop8: detected capacity change from 0 to 1024
[ 1115.969511][T28722] loop9: detected capacity change from 0 to 2048
[ 1116.006300][T28722] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1116.068291][T28714] SELinux: syz.8.8096 (28714) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1116.167001][   T29] kauditd_printk_skb: 34 callbacks suppressed
[ 1116.167022][   T29] audit: type=1326 audit(2000000928.300:12330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.326415][   T29] audit: type=1326 audit(2000000928.340:12331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.350701][   T29] audit: type=1326 audit(2000000928.340:12332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.375446][   T29] audit: type=1326 audit(2000000928.340:12333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.400004][   T29] audit: type=1326 audit(2000000928.340:12334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.423912][   T29] audit: type=1326 audit(2000000928.340:12335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.448991][   T29] audit: type=1326 audit(2000000928.340:12336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.474270][   T29] audit: type=1326 audit(2000000928.340:12337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.498240][   T29] audit: type=1326 audit(2000000928.340:12338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.523568][   T29] audit: type=1326 audit(2000000928.340:12339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28734 comm="syz.8.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1116.710071][T23195] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1116.725957][T28759] __nla_validate_parse: 13 callbacks suppressed
[ 1116.725977][T28759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8109'.
[ 1116.793368][T23195] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 241 with error 117
[ 1116.806548][T23195] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1116.806548][T23195] 
[ 1117.064331][T28776] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8111'.
[ 1117.145299][T28781] loop0: detected capacity change from 0 to 1024
[ 1117.282688][T28781] SELinux: syz.0.8119 (28781) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1117.353360][T28793] netlink: 240 bytes leftover after parsing attributes in process `syz.0.8124'.
[ 1117.365380][T28795] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1117.382406][T28793] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8124'.
[ 1117.397355][T28798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8127'.
[ 1117.439656][T28803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8128'.
[ 1117.515579][T28806] loop2: detected capacity change from 0 to 512
[ 1117.546275][T28806] EXT4-fs: Ignoring removed orlov option
[ 1117.574582][T28806] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1117.608696][T28806] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1117.618836][T28806] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8130: bg 0: block 248: padding at end of block bitmap is not set
[ 1117.636639][T28806] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8130: Failed to acquire dquot type 1
[ 1117.648736][T28806] EXT4-fs (loop2): 1 truncate cleaned up
[ 1117.855213][T28806] netlink: 'syz.2.8130': attribute type 1 has an invalid length.
[ 1117.863879][T28806] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8130'.
[ 1118.086806][T28825] loop0: detected capacity change from 0 to 1024
[ 1118.371689][T28831] loop2: detected capacity change from 0 to 256
[ 1118.422169][T28825] SELinux: syz.0.8134 (28825) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1118.642240][T28836] FAULT_INJECTION: forcing a failure.
[ 1118.642240][T28836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1118.656915][T28836] CPU: 0 UID: 0 PID: 28836 Comm: syz.8.8137 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1118.656948][T28836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1118.656961][T28836] Call Trace:
[ 1118.657010][T28836]  <TASK>
[ 1118.657018][T28836]  __dump_stack+0x1d/0x30
[ 1118.657044][T28836]  dump_stack_lvl+0xe8/0x140
[ 1118.657064][T28836]  dump_stack+0x15/0x1b
[ 1118.657081][T28836]  should_fail_ex+0x265/0x280
[ 1118.657127][T28836]  should_fail+0xb/0x20
[ 1118.657170][T28836]  should_fail_usercopy+0x1a/0x20
[ 1118.657202][T28836]  _copy_from_user+0x1c/0xb0
[ 1118.657225][T28836]  __copy_msghdr+0x244/0x300
[ 1118.657297][T28836]  ___sys_sendmsg+0x109/0x1d0
[ 1118.657338][T28836]  __x64_sys_sendmsg+0xd4/0x160
[ 1118.657372][T28836]  x64_sys_call+0x2999/0x2fb0
[ 1118.657404][T28836]  do_syscall_64+0xd2/0x200
[ 1118.657423][T28836]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1118.657447][T28836]  ? clear_bhb_loop+0x40/0x90
[ 1118.657547][T28836]  ? clear_bhb_loop+0x40/0x90
[ 1118.657570][T28836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1118.657590][T28836] RIP: 0033:0x7f267e50e929
[ 1118.657606][T28836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1118.657625][T28836] RSP: 002b:00007f267cb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1118.657645][T28836] RAX: ffffffffffffffda RBX: 00007f267e735fa0 RCX: 00007f267e50e929
[ 1118.657657][T28836] RDX: 0000000020000000 RSI: 0000200000000600 RDI: 0000000000000003
[ 1118.657724][T28836] RBP: 00007f267cb77090 R08: 0000000000000000 R09: 0000000000000000
[ 1118.657782][T28836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1118.657797][T28836] R13: 0000000000000000 R14: 00007f267e735fa0 R15: 00007ffd0193cd78
[ 1118.657834][T28836]  </TASK>
[ 1118.694296][T28838] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8138'.
[ 1118.876279][T28847] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8141'.
[ 1118.974449][T28858] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8147'.
[ 1119.153220][T28872] loop8: detected capacity change from 0 to 1024
[ 1119.327102][T28869] SELinux: syz.8.8149 (28869) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1119.562284][T28884] netlink: 'syz.9.8153': attribute type 3 has an invalid length.
[ 1119.600358][T28884] loop9: detected capacity change from 0 to 512
[ 1119.626640][T28887] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1119.674159][T28884] EXT4-fs (loop9): external journal device major/minor numbers have changed
[ 1119.770009][T28884] EXT4-fs (loop9): failed to open journal device unknown-block(11,131) -6
[ 1119.816205][T28879] loop9: detected capacity change from 0 to 128
[ 1119.972743][T28895] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=28895 comm=syz.1.8157
[ 1120.123368][T28905] loop2: detected capacity change from 0 to 1024
[ 1120.147767][T28905] EXT4-fs: Ignoring removed nobh option
[ 1120.153824][T28905] EXT4-fs: Ignoring removed bh option
[ 1120.179387][T28911] loop0: detected capacity change from 0 to 2048
[ 1120.195870][T28905] EXT4-fs (loop2): shut down requested (0)
[ 1120.204364][T28911] ext4 filesystem being mounted at /476/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1120.313502][T28923] loop2: detected capacity change from 0 to 512
[ 1120.347551][T28923] EXT4-fs: Ignoring removed orlov option
[ 1120.380664][T28923] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1120.422863][T28923] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1120.478039][T28923] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8168: bg 0: block 248: padding at end of block bitmap is not set
[ 1120.565197][T28923] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8168: Failed to acquire dquot type 1
[ 1120.595998][T28932] loop9: detected capacity change from 0 to 512
[ 1120.609368][T28932] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1120.680329][T28923] EXT4-fs (loop2): 1 truncate cleaned up
[ 1120.777907][T23195] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1120.877262][T23195] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 241 with error 117
[ 1120.890649][T23195] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1120.890649][T23195] 
[ 1120.913636][T28937] loop9: detected capacity change from 0 to 1024
[ 1121.040029][T28937] SELinux: syz.9.8172 (28937) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1121.127837][T28947] loop8: detected capacity change from 0 to 1024
[ 1121.136913][T28947] EXT4-fs: Ignoring removed bh option
[ 1121.343396][T28956] hub 6-0:1.0: USB hub found
[ 1121.360252][T28956] hub 6-0:1.0: 8 ports detected
[ 1121.492332][   T29] kauditd_printk_skb: 136 callbacks suppressed
[ 1121.492353][   T29] audit: type=1400 audit(2000000933.630:12472): avc:  denied  { write } for  pid=28961 comm="syz.2.8182" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1121.542535][T28960] loop9: detected capacity change from 0 to 512
[ 1121.632804][T28960] EXT4-fs: Ignoring removed orlov option
[ 1121.675727][T28960] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1121.698551][T28960] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1121.716389][T28960] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8181: bg 0: block 248: padding at end of block bitmap is not set
[ 1121.789033][T28968] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1122.040089][T28960] Quota error (device loop9): write_blk: dquota write failed
[ 1122.049137][T28960] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1122.059318][T28960] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.8181: Failed to acquire dquot type 1
[ 1122.319425][T28960] EXT4-fs (loop9): 1 truncate cleaned up
[ 1122.409933][   T29] audit: type=1326 audit(2000000934.540:12473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.434157][   T29] audit: type=1326 audit(2000000934.540:12474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.458050][   T29] audit: type=1326 audit(2000000934.540:12475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.482029][   T29] audit: type=1326 audit(2000000934.540:12476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.506198][   T29] audit: type=1326 audit(2000000934.540:12477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.530691][   T29] audit: type=1326 audit(2000000934.540:12478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.554680][   T29] audit: type=1326 audit(2000000934.540:12479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28972 comm="syz.1.8185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1d4120e929 code=0x7ffc0000
[ 1122.607823][T28977] SELinux:  Context system_u:object_r:devtty_t:s0 is not valid (left unmapped).
[ 1122.674646][T28984] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1122.688462][T28988] loop0: detected capacity change from 0 to 2048
[ 1122.713677][T28990] __nla_validate_parse: 3 callbacks suppressed
[ 1122.713696][T28990] netlink: 240 bytes leftover after parsing attributes in process `syz.9.8193'.
[ 1122.755625][T28990] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8193'.
[ 1122.794051][T28988] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1122.903818][T29005] FAULT_INJECTION: forcing a failure.
[ 1122.903818][T29005] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.917215][T29005] CPU: 1 UID: 0 PID: 29005 Comm: syz.2.8198 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1122.917346][T29005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1122.917360][T29005] Call Trace:
[ 1122.917368][T29005]  <TASK>
[ 1122.917377][T29005]  __dump_stack+0x1d/0x30
[ 1122.917402][T29005]  dump_stack_lvl+0xe8/0x140
[ 1122.917420][T29005]  dump_stack+0x15/0x1b
[ 1122.917436][T29005]  should_fail_ex+0x265/0x280
[ 1122.917482][T29005]  should_failslab+0x8c/0xb0
[ 1122.917506][T29005]  kmem_cache_alloc_node_noprof+0x57/0x320
[ 1122.917608][T29005]  ? __alloc_skb+0x101/0x320
[ 1122.917639][T29005]  __alloc_skb+0x101/0x320
[ 1122.917670][T29005]  netlink_alloc_large_skb+0xba/0xf0
[ 1122.917725][T29005]  netlink_sendmsg+0x3cf/0x6b0
[ 1122.917746][T29005]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1122.917767][T29005]  __sock_sendmsg+0x142/0x180
[ 1122.917902][T29005]  ____sys_sendmsg+0x31e/0x4e0
[ 1122.917990][T29005]  ___sys_sendmsg+0x17b/0x1d0
[ 1122.918027][T29005]  __x64_sys_sendmsg+0xd4/0x160
[ 1122.918115][T29005]  x64_sys_call+0x2999/0x2fb0
[ 1122.918140][T29005]  do_syscall_64+0xd2/0x200
[ 1122.918161][T29005]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1122.918186][T29005]  ? clear_bhb_loop+0x40/0x90
[ 1122.918205][T29005]  ? clear_bhb_loop+0x40/0x90
[ 1122.918270][T29005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.918290][T29005] RIP: 0033:0x7fc81e11e929
[ 1122.918337][T29005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1122.918357][T29005] RSP: 002b:00007fc81c787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1122.918381][T29005] RAX: ffffffffffffffda RBX: 00007fc81e345fa0 RCX: 00007fc81e11e929
[ 1122.918393][T29005] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[ 1122.918405][T29005] RBP: 00007fc81c787090 R08: 0000000000000000 R09: 0000000000000000
[ 1122.918417][T29005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.918458][T29005] R13: 0000000000000000 R14: 00007fc81e345fa0 R15: 00007ffc0665e9d8
[ 1122.918479][T29005]  </TASK>
[ 1123.171451][T29001] SELinux: syz.1.8196 (29001) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1123.245768][T29014] loop2: detected capacity change from 0 to 1024
[ 1123.270725][T29014] EXT4-fs: Ignoring removed bh option
[ 1123.341402][T29025] loop9: detected capacity change from 0 to 512
[ 1123.348321][T29025] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1123.587018][T29036] loop9: detected capacity change from 0 to 1024
[ 1123.613691][T29040] loop2: detected capacity change from 0 to 1024
[ 1123.620800][T29036] EXT4-fs: Ignoring removed nobh option
[ 1123.626534][T29036] EXT4-fs: Ignoring removed bh option
[ 1123.627239][T29038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8211'.
[ 1123.653929][T29038] netlink: 'syz.1.8211': attribute type 39 has an invalid length.
[ 1123.684808][T29036] EXT4-fs (loop9): shut down requested (0)
[ 1123.713318][T29040] SELinux: syz.2.8212 (29040) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1123.798134][T29048] netlink: '+}[@': attribute type 12 has an invalid length.
[ 1123.818567][T29050] loop2: detected capacity change from 0 to 512
[ 1123.860441][T29050] EXT4-fs: Ignoring removed orlov option
[ 1123.860928][T29052] loop9: detected capacity change from 0 to 1024
[ 1123.884949][T29050] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1123.887232][T29052] EXT4-fs: Ignoring removed bh option
[ 1123.930367][T29050] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1123.937881][T29050] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8215: bg 0: block 248: padding at end of block bitmap is not set
[ 1123.958650][T29050] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8215: Failed to acquire dquot type 1
[ 1124.024775][T23221] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:33: bg 0: block 345: padding at end of block bitmap is not set
[ 1124.044517][T23221] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[ 1124.059409][T29050] EXT4-fs (loop2): 1 truncate cleaned up
[ 1124.060307][T29050] EXT4-fs mount: 51 callbacks suppressed
[ 1124.060323][T29050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1124.065316][T23221] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1124.065316][T23221] 
[ 1124.076067][T29061] FAULT_INJECTION: forcing a failure.
[ 1124.076067][T29061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1124.102662][T23221] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 71 with error 28
[ 1124.111974][T29061] CPU: 0 UID: 0 PID: 29061 Comm: syz.9.8220 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1124.112005][T29061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1124.112058][T29061] Call Trace:
[ 1124.112069][T29061]  <TASK>
[ 1124.112078][T29061]  __dump_stack+0x1d/0x30
[ 1124.112102][T29061]  dump_stack_lvl+0xe8/0x140
[ 1124.112161][T29061]  dump_stack+0x15/0x1b
[ 1124.112178][T29061]  should_fail_ex+0x265/0x280
[ 1124.112228][T29061]  should_fail+0xb/0x20
[ 1124.112256][T29061]  should_fail_usercopy+0x1a/0x20
[ 1124.112302][T29061]  _copy_from_user+0x1c/0xb0
[ 1124.112323][T29061]  ___sys_sendmsg+0xc1/0x1d0
[ 1124.112365][T29061]  __x64_sys_sendmsg+0xd4/0x160
[ 1124.112429][T29061]  x64_sys_call+0x2999/0x2fb0
[ 1124.112510][T29061]  do_syscall_64+0xd2/0x200
[ 1124.112529][T29061]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1124.112597][T29061]  ? clear_bhb_loop+0x40/0x90
[ 1124.112627][T29061]  ? clear_bhb_loop+0x40/0x90
[ 1124.112647][T29061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1124.112668][T29061] RIP: 0033:0x7fc5e621e929
[ 1124.112686][T29061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1124.112759][T29061] RSP: 002b:00007fc5e4887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1124.112780][T29061] RAX: ffffffffffffffda RBX: 00007fc5e6445fa0 RCX: 00007fc5e621e929
[ 1124.112793][T29061] RDX: 0000000020000000 RSI: 0000200000000340 RDI: 0000000000000003
[ 1124.112815][T29061] RBP: 00007fc5e4887090 R08: 0000000000000000 R09: 0000000000000000
[ 1124.112828][T29061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1124.112840][T29061] R13: 0000000000000000 R14: 00007fc5e6445fa0 R15: 00007ffe7a432b28
[ 1124.112879][T29061]  </TASK>
[ 1124.312553][T23221] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1124.312553][T23221] 
[ 1124.323105][T23221] EXT4-fs (loop0): Total free blocks count 0
[ 1124.329355][T23221] EXT4-fs (loop0): Free/Dirty block details
[ 1124.335759][T23221] EXT4-fs (loop0): free_blocks=0
[ 1124.340789][T23221] EXT4-fs (loop0): dirty_blocks=80
[ 1124.346351][T23221] EXT4-fs (loop0): Block reservation details
[ 1124.352649][T23221] EXT4-fs (loop0): i_reserved_data_blocks=5
[ 1124.364360][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1124.419376][T29071] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8224'.
[ 1124.446088][T29073] loop9: detected capacity change from 0 to 1024
[ 1124.474466][T29073] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1124.547671][T29073] SELinux: syz.9.8225 (29073) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1124.567566][T29077] bond1: entered promiscuous mode
[ 1124.572766][T29077] bond1: entered allmulticast mode
[ 1124.579669][T29077] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1124.608700][T29077] bond1 (unregistering): Released all slaves
[ 1124.612589][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1124.634252][T29082] bond1: entered promiscuous mode
[ 1124.639494][T29082] bond1: entered allmulticast mode
[ 1124.645631][T29082] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1124.656407][T29082] bond1 (unregistering): Released all slaves
[ 1124.722382][T29095] loop0: detected capacity change from 0 to 512
[ 1124.739290][T29095] EXT4-fs: Ignoring removed orlov option
[ 1124.746710][T29095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1124.772237][T29095] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1124.809087][T29095] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8232: bg 0: block 248: padding at end of block bitmap is not set
[ 1124.911409][T29111] hub 6-0:1.0: USB hub found
[ 1124.935351][T29111] hub 6-0:1.0: 8 ports detected
[ 1124.943608][T29095] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8232: Failed to acquire dquot type 1
[ 1124.967116][T29095] EXT4-fs (loop0): 1 truncate cleaned up
[ 1124.970145][T29119] hub 6-0:1.0: USB hub found
[ 1124.977229][T29095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1124.990058][T29119] hub 6-0:1.0: 8 ports detected
[ 1125.054996][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.105424][T29128] netlink: 240 bytes leftover after parsing attributes in process `syz.9.8247'.
[ 1125.124998][T29128] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8247'.
[ 1125.157844][T29131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8245'.
[ 1125.325377][T29144] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8253'.
[ 1125.335240][T29143] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8253'.
[ 1125.417911][T29149] netlink: 92 bytes leftover after parsing attributes in process `syz.9.8255'.
[ 1125.468688][T29152] loop9: detected capacity change from 0 to 1024
[ 1125.476182][T29152] EXT4-fs: Ignoring removed bh option
[ 1125.512207][T29152] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1125.547622][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.585865][T29160] loop9: detected capacity change from 0 to 128
[ 1125.672348][T29166] loop9: detected capacity change from 0 to 2048
[ 1125.687064][T29170] loop0: detected capacity change from 0 to 1024
[ 1125.777304][T29170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1125.804101][T29166] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1125.852069][T29181] FAULT_INJECTION: forcing a failure.
[ 1125.852069][T29181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1125.865812][T29181] CPU: 0 UID: 0 PID: 29181 Comm: syz.1.8267 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1125.865895][T29181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1125.865910][T29181] Call Trace:
[ 1125.865918][T29181]  <TASK>
[ 1125.865926][T29181]  __dump_stack+0x1d/0x30
[ 1125.865953][T29181]  dump_stack_lvl+0xe8/0x140
[ 1125.866070][T29181]  dump_stack+0x15/0x1b
[ 1125.866148][T29181]  should_fail_ex+0x265/0x280
[ 1125.866185][T29181]  should_fail+0xb/0x20
[ 1125.866283][T29181]  should_fail_usercopy+0x1a/0x20
[ 1125.866318][T29181]  copy_to_user_nofault+0x7f/0x120
[ 1125.866343][T29181]  bpf_probe_write_user+0x83/0xc0
[ 1125.866390][T29181]  bpf_prog_6303d92f98284ad8+0x44/0x4c
[ 1125.866408][T29181]  bpf_trace_run2+0x18e/0x1c0
[ 1125.866437][T29181]  ? unregister_netdevice_many_notify+0x76f/0x1690
[ 1125.866461][T29181]  ? should_fail_ex+0xdb/0x280
[ 1125.866494][T29181]  ? unregister_netdevice_many_notify+0x76f/0x1690
[ 1125.866585][T29181]  __traceiter_kfree+0x2b/0x50
[ 1125.866604][T29181]  ? unregister_netdevice_many_notify+0x76f/0x1690
[ 1125.866691][T29181]  kfree+0x27b/0x320
[ 1125.866717][T29181]  ? unregister_netdevice_many_notify+0x4cf/0x1690
[ 1125.866737][T29181]  unregister_netdevice_many_notify+0x76f/0x1690
[ 1125.866809][T29181]  ? __rcu_read_unlock+0x4f/0x70
[ 1125.866837][T29181]  unregister_netdevice_queue+0x1f5/0x220
[ 1125.866874][T29181]  unregister_netdev+0xb3/0xe0
[ 1125.866895][T29181]  slip_close+0xe4/0x100
[ 1125.866919][T29181]  ? __pfx_slip_hangup+0x10/0x10
[ 1125.867022][T29181]  slip_hangup+0x15/0x20
[ 1125.867045][T29181]  tty_ldisc_hangup+0x12f/0x370
[ 1125.867105][T29181]  __tty_hangup+0x395/0x510
[ 1125.867176][T29181]  tty_ioctl+0x601/0xb80
[ 1125.867202][T29181]  ? __pfx_tty_ioctl+0x10/0x10
[ 1125.867288][T29181]  __se_sys_ioctl+0xce/0x140
[ 1125.867316][T29181]  __x64_sys_ioctl+0x43/0x50
[ 1125.867422][T29181]  x64_sys_call+0x19a8/0x2fb0
[ 1125.867446][T29181]  do_syscall_64+0xd2/0x200
[ 1125.867466][T29181]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1125.867496][T29181]  ? clear_bhb_loop+0x40/0x90
[ 1125.867519][T29181]  ? clear_bhb_loop+0x40/0x90
[ 1125.867542][T29181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.867612][T29181] RIP: 0033:0x7f1d4120e929
[ 1125.867631][T29181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1125.867651][T29181] RSP: 002b:00007f1d3f877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1125.867673][T29181] RAX: ffffffffffffffda RBX: 00007f1d41435fa0 RCX: 00007f1d4120e929
[ 1125.867687][T29181] RDX: 0000000000000002 RSI: 0000000000005437 RDI: 0000000000000006
[ 1125.867701][T29181] RBP: 00007f1d3f877090 R08: 0000000000000000 R09: 0000000000000000
[ 1125.867714][T29181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1125.867743][T29181] R13: 0000000000000000 R14: 00007f1d41435fa0 R15: 00007ffd04ff87f8
[ 1125.867763][T29181]  </TASK>
[ 1125.869608][T29179] loop2: detected capacity change from 0 to 1024
[ 1125.903669][T29170] SELinux: syz.0.8263 (29170) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1126.079644][T29184] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, 
[ 1126.088553][T29179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1126.091797][T29184] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1126.096302][T29179] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1126.121844][T29184] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1126.134394][T29185] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1126.142384][T29184] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1126.142384][T29184] 
[ 1126.155162][T29194] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 1: comm syz.2.8266: lblock 1 mapped to illegal pblock 1 (length 15)
[ 1126.158618][T29184] EXT4-fs (loop9): Total free blocks count 0
[ 1126.158637][T29184] EXT4-fs (loop9): Free/Dirty block details
[ 1126.173345][T29194] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.8266: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1126.176879][T29184] EXT4-fs (loop9): free_blocks=2415919104
[ 1126.176903][T29184] EXT4-fs (loop9): dirty_blocks=4400
[ 1126.176919][T29184] EXT4-fs (loop9): Block reservation details
[ 1126.191632][T29178] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.8266: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1126.199212][T29184] EXT4-fs (loop9): i_reserved_data_blocks=275
[ 1126.212349][T29178] EXT4-fs error (device loop2): ext4_evict_inode:265: comm syz.2.8266: couldn't truncate inode 15 (err -117)
[ 1126.405441][T29196] loop8: detected capacity change from 0 to 1024
[ 1126.417600][T29196] EXT4-fs: Ignoring removed bh option
[ 1126.424783][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1126.436294][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1126.448091][T29196] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1126.507961][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1126.543599][T23197] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[ 1126.748535][T29230] loop8: detected capacity change from 0 to 1024
[ 1126.782035][T29230] EXT4-fs: Ignoring removed bh option
[ 1126.789222][   T29] kauditd_printk_skb: 150 callbacks suppressed
[ 1126.789242][   T29] audit: type=1400 audit(2000000938.920:12626): avc:  denied  { relabelto } for  pid=29231 comm="syz.1.8286" name="526" dev="tmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1126.824200][   T29] audit: type=1400 audit(2000000938.920:12627): avc:  denied  { associate } for  pid=29231 comm="syz.1.8286" name="526" dev="tmpfs" ino=2784 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1126.854264][T29235] random: crng reseeded on system resumption
[ 1126.857755][   T29] audit: type=1326 audit(2000000938.970:12628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1126.885765][   T29] audit: type=1326 audit(2000000938.970:12629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1126.910553][   T29] audit: type=1326 audit(2000000938.970:12630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1126.936335][   T29] audit: type=1326 audit(2000000938.970:12631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1126.961545][   T29] audit: type=1326 audit(2000000938.970:12632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1126.986806][   T29] audit: type=1326 audit(2000000938.970:12633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1127.011506][   T29] audit: type=1326 audit(2000000938.970:12634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1127.037197][   T29] audit: type=1326 audit(2000000938.970:12635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.8287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1127.067943][T29230] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1127.155230][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1127.184370][T29208] netlink: 'syz.2.8274': attribute type 1 has an invalid length.
[ 1127.271897][T29264] loop8: detected capacity change from 0 to 1024
[ 1127.280993][T29264] EXT4-fs: Ignoring removed nobh option
[ 1127.286764][T29264] EXT4-fs: Ignoring removed bh option
[ 1127.296392][T29266] loop0: detected capacity change from 0 to 512
[ 1127.307384][T29266] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1127.326331][T29264] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1127.401167][T29264] EXT4-fs (loop8): shut down requested (0)
[ 1127.464020][T29282] loop2: detected capacity change from 0 to 1024
[ 1127.473740][T29282] EXT4-fs: Ignoring removed bh option
[ 1127.480317][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1127.503999][T29282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1127.517299][T29284] loop9: detected capacity change from 0 to 1024
[ 1127.543499][T29284] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1127.591033][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1127.605861][T16165] hid (null): unknown global tag 0xc
[ 1127.611354][T16165] hid (null): unknown global tag 0xe
[ 1127.611560][T29284] SELinux: syz.9.8307 (29284) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1127.617155][T16165] hid (null): unknown global tag 0xe
[ 1127.636694][T16165] hid (null): report_id 2872728480 is invalid
[ 1127.642935][T16165] hid (null): unknown global tag 0xe
[ 1127.648578][T16165] hid (null): unknown global tag 0x84
[ 1127.654300][T16165] hid (null): unknown global tag 0xd
[ 1127.659978][T16165] hid (null): unknown global tag 0xc
[ 1127.665485][T16165] hid (null): global environment stack underflow
[ 1127.675489][T16165] hid (null): usage index exceeded
[ 1127.682497][T16165] hid (null): unknown global tag 0xe
[ 1127.692223][T16165] hid (null): invalid report_count 37104
[ 1127.698168][T16165] hid (null): unknown global tag 0xc
[ 1127.703792][T16165] hid (null): invalid report_count -64605631
[ 1127.709897][T16165] hid (null): unknown global tag 0xd
[ 1127.715462][T16165] hid (null): unknown global tag 0xe
[ 1127.720868][T16165] hid (null): bogus close delimiter
[ 1127.726146][T16165] hid (null): unknown global tag 0xc
[ 1127.731920][T16165] hid (null): report_id 30295 is invalid
[ 1127.737933][T16165] hid (null): unknown global tag 0xc
[ 1127.743980][T16165] hid (null): unknown global tag 0xe
[ 1127.749422][T16165] hid (null): invalid report_size 20597
[ 1127.755482][T16165] hid (null): invalid report_count 37931
[ 1127.761360][T16165] hid (null): bogus close delimiter
[ 1127.766626][T16165] hid (null): report_id 4094 is invalid
[ 1127.772408][T16165] hid (null): unknown global tag 0xc
[ 1127.778214][T16165] hid (null): unknown global tag 0x8c
[ 1127.787452][T16165] hid (null): unknown global tag 0x55
[ 1127.794545][T16165] hid (null): report_id 0 is invalid
[ 1127.800358][T16165] hid (null): global environment stack underflow
[ 1127.806858][T16165] hid (null): unknown global tag 0xc
[ 1127.812683][T16165] hid (null): report_id 0 is invalid
[ 1127.821678][T16165] hid (null): unknown global tag 0xd
[ 1127.828678][T16165] hid-generic 0000:0008:204F.000C: unknown main item tag 0x0
[ 1127.836756][T16165] hid-generic 0000:0008:204F.000C: unexpected long global item
[ 1127.847879][T16165] hid-generic 0000:0008:204F.000C: probe with driver hid-generic failed with error -22
[ 1127.877014][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1127.917936][T29309] SELinux:  Context system_u:object_r:syslogd_var_run_t:s0 is not valid (left unmapped).
[ 1127.930683][T29309] program syz.8.8315 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1128.004928][T29319] loop0: detected capacity change from 0 to 1024
[ 1128.013305][T29319] EXT4-fs: Ignoring removed bh option
[ 1128.033909][T29319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1128.054372][T29325] loop9: detected capacity change from 0 to 512
[ 1128.064168][T29325] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1128.098825][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1128.180304][T29336] netlink: 'syz.2.8327': attribute type 27 has an invalid length.
[ 1128.215751][T29336] 0ªX¹¦D: left allmulticast mode
[ 1128.246965][T29336] bridge0: port 3(vlan2) entered disabled state
[ 1128.253833][T29336] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1128.261912][T29336] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.274136][T29336] bond_slave_0: left promiscuous mode
[ 1128.279719][T29336] bond_slave_1: left promiscuous mode
[ 1128.339547][T29336] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1128.355206][T29336] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1128.411553][T29336] geneve0: left allmulticast mode
[ 1128.420812][T29336] bond0: left allmulticast mode
[ 1128.426845][T29336] bond_slave_0: left allmulticast mode
[ 1128.434363][T29336] bond_slave_1: left allmulticast mode
[ 1128.449858][T29336] macvlan2: left allmulticast mode
[ 1128.473917][T29336] ip6gre1: left allmulticast mode
[ 1128.481161][T29336] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1128.489962][T29336] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1128.498820][T29336] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1128.508464][T29336] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1128.521362][T29336] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.530409][T29336] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.539587][T29336] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.548253][T29336] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.798236][T29365] loop8: detected capacity change from 0 to 2048
[ 1128.821821][T29365] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1128.868720][T29367] SELinux: syz.1.8339 (29367) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1128.948539][T29375] __nla_validate_parse: 10 callbacks suppressed
[ 1128.948560][T29375] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.8342'.
[ 1129.007329][T29380] loop2: detected capacity change from 0 to 512
[ 1129.019297][T29380] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1129.106586][T29388] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8338'.
[ 1129.224721][T29391] loop0: detected capacity change from 0 to 1024
[ 1129.248777][T29391] EXT4-fs: Ignoring removed bh option
[ 1129.287479][T29396] loop2: detected capacity change from 0 to 2048
[ 1129.297127][T29391] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1129.302374][T29397] loop9: detected capacity change from 0 to 2048
[ 1129.339168][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1129.352839][T29396] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1129.388473][T29397] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1129.419650][T29397] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1129.464969][T29379] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1129.500425][T29379] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1129.514117][T29379] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1129.514117][T29379] 
[ 1129.523939][T29379] EXT4-fs (loop8): Total free blocks count 0
[ 1129.530178][T29379] EXT4-fs (loop8): Free/Dirty block details
[ 1129.536623][T29379] EXT4-fs (loop8): free_blocks=2415919104
[ 1129.542841][T29379] EXT4-fs (loop8): dirty_blocks=8208
[ 1129.548235][T29379] EXT4-fs (loop8): Block reservation details
[ 1129.554740][T29379] EXT4-fs (loop8): i_reserved_data_blocks=513
[ 1129.631970][T29413] SELinux: syz.1.8353 (29413) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1129.657002][T29411] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1129.675618][T29411] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1722 with error 28
[ 1129.688899][T29411] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1129.688899][T29411] 
[ 1129.698924][T29411] EXT4-fs (loop2): Total free blocks count 0
[ 1129.705726][T29411] EXT4-fs (loop2): Free/Dirty block details
[ 1129.711982][T29411] EXT4-fs (loop2): free_blocks=2415919104
[ 1129.718283][T29411] EXT4-fs (loop2): dirty_blocks=1728
[ 1129.724157][T29411] EXT4-fs (loop2): Block reservation details
[ 1129.730803][T29411] EXT4-fs (loop2): i_reserved_data_blocks=108
[ 1129.755969][T23221] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[ 1129.850431][T23197] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[ 1129.872545][T23195] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1129.891708][T23195] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1129.905126][T23195] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1129.905126][T23195] 
[ 1129.917549][T29424] FAULT_INJECTION: forcing a failure.
[ 1129.917549][T29424] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.931105][T29424] CPU: 0 UID: 0 PID: 29424 Comm: syz.1.8356 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1129.931157][T29424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1129.931172][T29424] Call Trace:
[ 1129.931183][T29424]  <TASK>
[ 1129.931194][T29424]  __dump_stack+0x1d/0x30
[ 1129.931291][T29424]  dump_stack_lvl+0xe8/0x140
[ 1129.931309][T29424]  dump_stack+0x15/0x1b
[ 1129.931329][T29424]  should_fail_ex+0x265/0x280
[ 1129.931365][T29424]  should_failslab+0x8c/0xb0
[ 1129.931431][T29424]  kmem_cache_alloc_node_noprof+0x57/0x320
[ 1129.931465][T29424]  ? __alloc_skb+0x101/0x320
[ 1129.931499][T29424]  __alloc_skb+0x101/0x320
[ 1129.931530][T29424]  netlink_alloc_large_skb+0xba/0xf0
[ 1129.931623][T29424]  netlink_sendmsg+0x3cf/0x6b0
[ 1129.931642][T29424]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1129.931659][T29424]  __sock_sendmsg+0x142/0x180
[ 1129.931681][T29424]  __sys_sendto+0x268/0x330
[ 1129.931808][T29424]  __x64_sys_sendto+0x76/0x90
[ 1129.931834][T29424]  x64_sys_call+0x2eb6/0x2fb0
[ 1129.931852][T29424]  do_syscall_64+0xd2/0x200
[ 1129.931869][T29424]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1129.931905][T29424]  ? clear_bhb_loop+0x40/0x90
[ 1129.931923][T29424]  ? clear_bhb_loop+0x40/0x90
[ 1129.932016][T29424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1129.932035][T29424] RIP: 0033:0x7f1d4120e929
[ 1129.932108][T29424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1129.932126][T29424] RSP: 002b:00007f1d3f877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1129.932145][T29424] RAX: ffffffffffffffda RBX: 00007f1d41435fa0 RCX: 00007f1d4120e929
[ 1129.932156][T29424] RDX: 000000000000004c RSI: 0000200000000080 RDI: 0000000000000004
[ 1129.932168][T29424] RBP: 00007f1d3f877090 R08: 0000000000000000 R09: 0000000000000000
[ 1129.932179][T29424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1129.932260][T29424] R13: 0000000000000000 R14: 00007f1d41435fa0 R15: 00007ffd04ff87f8
[ 1129.932277][T29424]  </TASK>
[ 1130.159474][T23195] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 410 with error 28
[ 1130.172968][T23195] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1130.172968][T23195] 
[ 1130.182879][T23195] EXT4-fs (loop9): Total free blocks count 0
[ 1130.189260][T23195] EXT4-fs (loop9): Free/Dirty block details
[ 1130.195701][T23195] EXT4-fs (loop9): free_blocks=0
[ 1130.200709][T23195] EXT4-fs (loop9): dirty_blocks=432
[ 1130.206511][T23195] EXT4-fs (loop9): Block reservation details
[ 1130.363012][T29439] loop0: detected capacity change from 0 to 512
[ 1130.383158][T29439] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1130.426139][T29440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8360'.
[ 1130.457742][T29444] loop8: detected capacity change from 0 to 512
[ 1130.473444][T29444] EXT4-fs: Ignoring removed orlov option
[ 1130.480252][T29446] loop2: detected capacity change from 0 to 1024
[ 1130.488590][T29444] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1130.495552][T29446] EXT4-fs: Ignoring removed nobh option
[ 1130.502968][T29446] EXT4-fs: Ignoring removed bh option
[ 1130.510626][T29444] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1130.524349][T29444] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.8363: bg 0: block 248: padding at end of block bitmap is not set
[ 1130.540260][T29444] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.8363: Failed to acquire dquot type 1
[ 1130.552955][T29446] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1130.580547][T29451] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8365'.
[ 1130.594575][T29444] EXT4-fs (loop8): 1 truncate cleaned up
[ 1130.602097][T29444] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1130.626453][T29446] EXT4-fs (loop2): shut down requested (0)
[ 1130.647407][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.678580][T29453] loop0: detected capacity change from 0 to 512
[ 1130.689095][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.690884][T29453] EXT4-fs: Ignoring removed orlov option
[ 1130.708093][T29453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1130.718522][T29453] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1130.728758][T29453] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8367: bg 0: block 248: padding at end of block bitmap is not set
[ 1130.744865][T29453] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8367: Failed to acquire dquot type 1
[ 1130.760683][T29453] EXT4-fs (loop0): 1 truncate cleaned up
[ 1130.767614][T29453] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1130.783579][T29458] loop2: detected capacity change from 0 to 1024
[ 1130.797897][T29458] EXT4-fs: Ignoring removed bh option
[ 1130.826261][T29458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1130.842726][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.891555][T29462] hub 6-0:1.0: USB hub found
[ 1130.902262][T29462] hub 6-0:1.0: 8 ports detected
[ 1130.902625][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.913331][T29468] hub 6-0:1.0: USB hub found
[ 1130.922743][T29468] hub 6-0:1.0: 8 ports detected
[ 1130.940425][T29471] netlink: 'syz.0.8374': attribute type 4 has an invalid length.
[ 1130.971617][T29473] 9pnet_fd: Insufficient options for proto=fd
[ 1131.061617][T29480] loop2: detected capacity change from 0 to 512
[ 1131.068570][T29480] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1131.111145][T29483] loop0: detected capacity change from 0 to 512
[ 1131.118317][T29483] EXT4-fs: Ignoring removed orlov option
[ 1131.126658][T29483] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1131.136911][T29483] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1131.144766][T29483] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8376: bg 0: block 248: padding at end of block bitmap is not set
[ 1131.163433][T29483] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8376: Failed to acquire dquot type 1
[ 1131.176226][T29483] EXT4-fs (loop0): 1 truncate cleaned up
[ 1131.185973][T29483] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1131.220174][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.383442][T29501] loop0: detected capacity change from 0 to 2048
[ 1131.433415][T29501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1131.453747][T29501] ext4 filesystem being mounted at /517/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.487197][T29510] loop2: detected capacity change from 0 to 1024
[ 1131.511841][T29510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1131.563742][T29510] SELinux: syz.2.8387 (29510) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1131.642908][T23195] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1131.802013][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.813106][T29516] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1131.821735][T23195] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 261 with error 117
[ 1131.835743][T23195] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1131.835743][T23195] 
[ 1131.927938][   T29] kauditd_printk_skb: 117 callbacks suppressed
[ 1131.927957][   T29] audit: type=1400 audit(2000000944.060:12747): avc:  denied  { setopt } for  pid=29520 comm="syz.2.8389" lport=141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1131.956866][T29524] loop8: detected capacity change from 0 to 512
[ 1131.958253][T29523] hub 9-0:1.0: USB hub found
[ 1131.964183][T29524] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1131.969343][T29523] hub 9-0:1.0: 8 ports detected
[ 1131.989821][   T29] audit: type=1400 audit(2000000944.090:12748): avc:  denied  { getopt } for  pid=29520 comm="syz.2.8389" lport=141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1132.083577][   T29] audit: type=1326 audit(2000000944.180:12749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.107986][   T29] audit: type=1326 audit(2000000944.180:12750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.132113][   T29] audit: type=1326 audit(2000000944.190:12751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.156602][   T29] audit: type=1326 audit(2000000944.190:12752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.181254][   T29] audit: type=1326 audit(2000000944.190:12753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.206053][   T29] audit: type=1326 audit(2000000944.190:12754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.230617][   T29] audit: type=1326 audit(2000000944.190:12755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.255265][   T29] audit: type=1326 audit(2000000944.190:12756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29525 comm="syz.9.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1132.391132][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.565947][T29543] hub 6-0:1.0: USB hub found
[ 1132.580271][T29543] hub 6-0:1.0: 8 ports detected
[ 1133.251745][T29561] loop8: detected capacity change from 0 to 512
[ 1133.510314][T29561] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1133.654435][T29568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8408'.
[ 1133.678490][T29566] loop8: detected capacity change from 0 to 1024
[ 1133.701694][T29566] EXT4-fs: Ignoring removed bh option
[ 1133.742971][T29566] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.833451][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1133.931661][T29574] loop0: detected capacity change from 0 to 1024
[ 1133.963866][T29576] loop8: detected capacity change from 0 to 1024
[ 1133.974317][T29574] EXT4-fs: Ignoring removed nobh option
[ 1133.980267][T29574] EXT4-fs: Ignoring removed bh option
[ 1134.000645][T29576] EXT4-fs: Ignoring removed nobh option
[ 1134.006457][T29576] EXT4-fs: Ignoring removed bh option
[ 1134.046521][T29574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.094268][T29576] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.131755][T29574] EXT4-fs (loop0): shut down requested (0)
[ 1134.169519][T29576] EXT4-fs (loop8): shut down requested (0)
[ 1134.212727][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.243762][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.344451][T29586] loop9: detected capacity change from 0 to 1024
[ 1134.356530][T29582] loop0: detected capacity change from 0 to 2048
[ 1134.367492][T29589] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8413'.
[ 1134.388785][T29586] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1134.425596][T29590] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.425647][T29582] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1134.453485][T29582] ext4 filesystem being mounted at /523/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1134.503272][T29590] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.559060][T29603] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8419'.
[ 1134.578665][T29586] SELinux: syz.9.8415 (29586) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1134.594625][T29590] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.647797][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.669139][T29590] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.670808][T29609] loop8: detected capacity change from 0 to 1024
[ 1134.688620][T29606] loop2: detected capacity change from 0 to 256
[ 1134.690474][T29609] EXT4-fs: Ignoring removed bh option
[ 1134.726587][T29609] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.769947][T29590] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.786887][T29590] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.810447][T23220] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:32: bg 0: block 345: padding at end of block bitmap is not set
[ 1134.829626][T29590] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.842711][T29590] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.882366][T23220] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1134.896293][T23220] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1134.896293][T23220] 
[ 1134.918210][T23745] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.996653][T29623] FAULT_INJECTION: forcing a failure.
[ 1134.996653][T29623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1135.011576][T29623] CPU: 0 UID: 0 PID: 29623 Comm: syz.2.8427 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1135.011642][T29623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1135.011661][T29623] Call Trace:
[ 1135.011670][T29623]  <TASK>
[ 1135.011679][T29623]  __dump_stack+0x1d/0x30
[ 1135.011705][T29623]  dump_stack_lvl+0xe8/0x140
[ 1135.011725][T29623]  dump_stack+0x15/0x1b
[ 1135.011804][T29623]  should_fail_ex+0x265/0x280
[ 1135.011836][T29623]  should_fail+0xb/0x20
[ 1135.011867][T29623]  should_fail_usercopy+0x1a/0x20
[ 1135.011901][T29623]  _copy_to_user+0x20/0xa0
[ 1135.011965][T29623]  simple_read_from_buffer+0xb5/0x130
[ 1135.011999][T29623]  proc_fail_nth_read+0x100/0x140
[ 1135.012020][T29623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1135.012057][T29623]  vfs_read+0x1a0/0x6f0
[ 1135.012118][T29623]  ? __rcu_read_unlock+0x4f/0x70
[ 1135.012139][T29623]  ? __rcu_read_unlock+0x4f/0x70
[ 1135.012229][T29623]  ? __fget_files+0x184/0x1c0
[ 1135.012253][T29623]  ksys_read+0xda/0x1a0
[ 1135.012286][T29623]  __x64_sys_read+0x40/0x50
[ 1135.012344][T29623]  x64_sys_call+0x2d77/0x2fb0
[ 1135.012368][T29623]  do_syscall_64+0xd2/0x200
[ 1135.012452][T29623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[ 1135.012478][T29623]  ? clear_bhb_loop+0x40/0x90
[ 1135.012555][T29623]  ? clear_bhb_loop+0x40/0x90
[ 1135.012580][T29623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.012612][T29623] RIP: 0033:0x7fc81e11d33c
[ 1135.012629][T29623] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1135.012647][T29623] RSP: 002b:00007fc81c787030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1135.012666][T29623] RAX: ffffffffffffffda RBX: 00007fc81e345fa0 RCX: 00007fc81e11d33c
[ 1135.012678][T29623] RDX: 000000000000000f RSI: 00007fc81c7870a0 RDI: 0000000000000004
[ 1135.012689][T29623] RBP: 00007fc81c787090 R08: 0000000000000000 R09: 0000000000000000
[ 1135.012699][T29623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1135.012710][T29623] R13: 0000000000000000 R14: 00007fc81e345fa0 R15: 00007ffc0665e9d8
[ 1135.012726][T29623]  </TASK>
[ 1135.253389][T29628] loop9: detected capacity change from 0 to 512
[ 1135.263958][T29628] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1135.507582][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.686209][T29659] netlink: 'syz.0.8438': attribute type 2 has an invalid length.
[ 1135.694637][T29659] netlink: 'syz.0.8438': attribute type 8 has an invalid length.
[ 1135.702884][T29659] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8438'.
[ 1135.969683][T29679] netlink: 'syz.9.8446': attribute type 19 has an invalid length.
[ 1136.046997][T29692] pim6reg1: entered promiscuous mode
[ 1136.053303][T29692] pim6reg1: entered allmulticast mode
[ 1136.205921][T29714] netlink: 'syz.0.8462': attribute type 10 has an invalid length.
[ 1136.229141][T29714] team0: Port device vlan0 added
[ 1136.949890][   T29] kauditd_printk_skb: 60 callbacks suppressed
[ 1136.949912][   T29] audit: type=1400 audit(2000000949.060:12817): avc:  denied  { create } for  pid=29773 comm="syz.0.8484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1136.977734][   T29] audit: type=1400 audit(2000000949.060:12818): avc:  denied  { setopt } for  pid=29773 comm="syz.0.8484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1137.127407][T29793] netlink: 156 bytes leftover after parsing attributes in process `syz.0.8491'.
[ 1137.276286][   T29] audit: type=1400 audit(2000000949.410:12819): avc:  denied  { create } for  pid=29796 comm="syz.0.8493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1137.388514][   T29] audit: type=1400 audit(2000000949.520:12820): avc:  denied  { create } for  pid=29805 comm="syz.0.8499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1137.472897][   T29] audit: type=1400 audit(2000000949.550:12821): avc:  denied  { write } for  pid=29807 comm="syz.1.8498" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1137.553091][T29815] netlink: 'syz.0.8501': attribute type 10 has an invalid length.
[ 1137.619608][   T29] audit: type=1400 audit(2000000949.750:12822): avc:  denied  { relabelfrom } for  pid=29821 comm="syz.0.8504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 1137.641734][   T29] audit: type=1400 audit(2000000949.750:12823): avc:  denied  { relabelto } for  pid=29821 comm="syz.0.8504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 1137.708233][T29822] syzkaller0: entered promiscuous mode
[ 1137.713980][T29822] syzkaller0: entered allmulticast mode
[ 1137.855920][T29833] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1138.002060][   T29] audit: type=1400 audit(2000000950.140:12824): avc:  denied  { attach_queue } for  pid=29835 comm="syz.0.8509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 1138.221211][   T29] audit: type=1400 audit(2000000950.360:12825): avc:  denied  { read } for  pid=29839 comm="syz.0.8511" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1138.303460][T29842] syzkaller0: entered promiscuous mode
[ 1138.309243][T29842] syzkaller0: entered allmulticast mode
[ 1138.510669][T29856] netlink: 15999 bytes leftover after parsing attributes in process `syz.9.8518'.
[ 1138.593310][   T29] audit: type=1400 audit(2000000950.730:12826): avc:  denied  { setopt } for  pid=29857 comm="syz.1.8519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1138.679191][T29863] netlink: 'syz.2.8521': attribute type 39 has an invalid length.
[ 1138.781410][T29879] loop2: detected capacity change from 0 to 2048
[ 1138.807708][T29879] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1138.835563][T29879] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1138.946475][T29896] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1139.314566][T29913] netlink: 13439 bytes leftover after parsing attributes in process `syz.9.8538'.
[ 1139.445388][T29915] netlink: 14719 bytes leftover after parsing attributes in process `syz.1.8539'.
[ 1139.517636][T29921] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1139.653310][T29927] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.698862][T29927] bridge0: entered allmulticast mode
[ 1140.056689][T23221] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:33: bg 0: block 345: padding at end of block bitmap is not set
[ 1140.108553][T23221] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 241 with error 117
[ 1140.121627][T23221] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1140.121627][T23221] 
[ 1140.330052][T22179] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1140.442057][T29952] netlink: 'syz.2.8549': attribute type 10 has an invalid length.
[ 1140.489214][T29957] loop9: detected capacity change from 0 to 1024
[ 1140.500343][T29957] EXT4-fs: Ignoring removed nobh option
[ 1140.506301][T29957] EXT4-fs: Ignoring removed bh option
[ 1140.546565][T29957] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1140.642149][T29957] EXT4-fs (loop9): shut down requested (0)
[ 1140.723227][T29969] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1140.755088][T29967] loop0: detected capacity change from 0 to 2048
[ 1140.784660][T29967] ext4 filesystem being mounted at /553/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1140.961494][T23221] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:33: bg 0: block 345: padding at end of block bitmap is not set
[ 1140.997294][T23221] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 222 with error 117
[ 1141.010211][T23221] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1141.010211][T23221] 
[ 1141.397374][T29981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8564'.
[ 1141.647929][T23197] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 238 with max blocks 1 with error 117
[ 1141.661329][T23197] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1141.661329][T23197] 
[ 1141.676219][T29990] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1141.697343][T29993] loop2: detected capacity change from 0 to 512
[ 1141.705188][T29993] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1141.772019][T29997] loop0: detected capacity change from 0 to 2048
[ 1141.856832][T29997] ext4 filesystem being mounted at /554/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1141.989432][T30007] loop2: detected capacity change from 0 to 256
[ 1142.118234][T23195] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1142.156666][T23195] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 517 with error 117
[ 1142.171699][T23195] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1142.171699][T23195] 
[ 1142.594734][   T29] kauditd_printk_skb: 35 callbacks suppressed
[ 1142.594754][   T29] audit: type=1326 audit(2000000954.730:12862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.625436][   T29] audit: type=1326 audit(2000000954.730:12863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.702797][   T29] audit: type=1326 audit(2000000954.730:12864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.727843][   T29] audit: type=1326 audit(2000000954.730:12865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.752899][   T29] audit: type=1326 audit(2000000954.730:12866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.778523][   T29] audit: type=1326 audit(2000000954.730:12867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.804412][   T29] audit: type=1326 audit(2000000954.730:12868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.829564][   T29] audit: type=1326 audit(2000000954.730:12869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.855357][   T29] audit: type=1326 audit(2000000954.730:12870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.880650][   T29] audit: type=1326 audit(2000000954.730:12871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30018 comm="syz.9.8575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e621e929 code=0x7ffc0000
[ 1142.961863][T30029] loop9: detected capacity change from 0 to 1024
[ 1143.071830][T30029] SELinux: syz.9.8581 (30029) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1143.090079][T30038] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1143.167537][T30041] loop0: detected capacity change from 0 to 512
[ 1143.211801][T30041] EXT4-fs (loop0): external journal device major/minor numbers have changed
[ 1143.274269][T30041] EXT4-fs (loop0): failed to open journal device unknown-block(11,131) -6
[ 1143.536441][T30052] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8589'.
[ 1144.240792][T30074] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8596'.
[ 1144.264452][T30071] netlink: 240 bytes leftover after parsing attributes in process `syz.1.8596'.
[ 1144.777500][T30095] loop0: detected capacity change from 0 to 512
[ 1144.819324][T30095] EXT4-fs: Ignoring removed orlov option
[ 1144.845788][T30095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1144.867755][T30095] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1144.888185][T30095] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8606: bg 0: block 248: padding at end of block bitmap is not set
[ 1144.906437][T30095] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.8606: Failed to acquire dquot type 1
[ 1144.952848][T30095] EXT4-fs (loop0): 1 truncate cleaned up
[ 1145.265755][T23197] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.289493][T30111] loop0: detected capacity change from 0 to 2048
[ 1145.305898][T30111] ext4 filesystem being mounted at /566/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1145.327908][T23197] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.386156][T23197] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.442419][T23197] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.491228][T30125] loop9: detected capacity change from 0 to 256
[ 1145.570817][T23197] vlan2: left promiscuous mode
[ 1145.575788][T23197] vlan1: left promiscuous mode
[ 1145.581044][T23197] bridge0: port 3(vlan2) entered disabled state
[ 1145.604843][T23197] bridge_slave_1: left allmulticast mode
[ 1145.611419][T23197] bridge_slave_1: left promiscuous mode
[ 1145.617843][T23197] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1145.660220][T23197] bridge_slave_0: left allmulticast mode
[ 1145.666161][T23197] bridge_slave_0: left promiscuous mode
[ 1145.673671][T23197] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1145.688144][T23195] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set
[ 1145.865950][T23195] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 833 with error 117
[ 1145.879372][T23195] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1145.879372][T23195] 
[ 1145.899705][T23197] team0: Port device geneve1 removed
[ 1145.965470][T23197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1145.981267][T23197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1145.993329][T23197] bond0 (unregistering): Released all slaves
[ 1146.190981][T30137] netlink: 240 bytes leftover after parsing attributes in process `syz.2.8619'.
[ 1146.205214][T30137] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8619'.
[ 1146.257951][T30140] loop2: detected capacity change from 0 to 512
[ 1146.279114][T30140] EXT4-fs: Ignoring removed orlov option
[ 1146.306924][T30140] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1146.328692][T30140] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1146.367843][T30140] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8620: bg 0: block 248: padding at end of block bitmap is not set
[ 1146.433047][T30140] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8620: Failed to acquire dquot type 1
[ 1146.455790][T23197] hsr_slave_0: left promiscuous mode
[ 1146.468062][T30140] EXT4-fs (loop2): 1 truncate cleaned up
[ 1146.492438][T23197] hsr_slave_1: left promiscuous mode
[ 1146.504594][T23197] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1146.512595][T23197] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1146.525627][T23197] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1146.533540][T23197] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1146.553163][T23197] veth1_vlan: left promiscuous mode
[ 1146.561537][T30149] loop0: detected capacity change from 0 to 256
[ 1146.579365][T23197] veth0_vlan: left promiscuous mode
[ 1146.678420][T23197] team0 (unregistering): Port device team_slave_1 removed
[ 1146.693793][T23197] team0 (unregistering): Port device team_slave_0 removed
[ 1146.887508][T30165] netlink: 240 bytes leftover after parsing attributes in process `syz.2.8629'.
[ 1146.902165][T30165] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8629'.
[ 1146.974623][T30103] chnl_net:caif_netlink_parms(): no params data found
[ 1146.992828][T30170] geneve0: entered allmulticast mode
[ 1147.092956][T30103] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1147.100157][T30103] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1147.113518][T30103] bridge_slave_0: entered allmulticast mode
[ 1147.127660][T30103] bridge_slave_0: entered promiscuous mode
[ 1147.143583][T30103] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1147.151102][T30103] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1147.173816][T30103] bridge_slave_1: entered allmulticast mode
[ 1147.195757][T30182] loop2: detected capacity change from 0 to 512
[ 1147.207965][T30103] bridge_slave_1: entered promiscuous mode
[ 1147.233551][T30182] EXT4-fs: Ignoring removed orlov option
[ 1147.258331][T30182] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1147.287729][T30182] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1147.312741][T30182] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8635: bg 0: block 248: padding at end of block bitmap is not set
[ 1147.346580][T30182] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8635: Failed to acquire dquot type 1
[ 1147.349831][T30103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1147.358961][T30182] EXT4-fs (loop2): 1 truncate cleaned up
[ 1147.376153][T30103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1147.436434][T30103] team0: Port device team_slave_0 added
[ 1147.455475][T30103] team0: Port device team_slave_1 added
[ 1147.492983][T30103] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1147.500368][T30103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1147.527871][T30103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1147.579830][T30103] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1147.587025][T30103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1147.614586][T30103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1147.714859][T30103] hsr_slave_0: entered promiscuous mode
[ 1147.741708][T30103] hsr_slave_1: entered promiscuous mode
[ 1147.749679][T30103] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1147.767934][T30103] Cannot create hsr debugfs directory
[ 1147.784476][   T29] kauditd_printk_skb: 35 callbacks suppressed
[ 1147.784495][   T29] audit: type=1400 audit(2000000959.920:12901): avc:  denied  { bind } for  pid=30195 comm="syz.0.8641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1147.826109][T30200] netlink: 'syz.2.8643': attribute type 1 has an invalid length.
[ 1147.890236][T30204] netlink: 'syz.0.8641': attribute type 3 has an invalid length.
[ 1147.926440][T30204] loop0: detected capacity change from 0 to 512
[ 1147.992518][T30204] EXT4-fs (loop0): external journal device major/minor numbers have changed
[ 1148.006277][T30209] loop2: detected capacity change from 0 to 512
[ 1148.013492][T30209] EXT4-fs: Ignoring removed orlov option
[ 1148.022542][T30209] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1148.043390][T30209] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1148.060463][T30209] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8645: bg 0: block 248: padding at end of block bitmap is not set
[ 1148.075195][T30204] EXT4-fs (loop0): failed to open journal device unknown-block(11,131) -6
[ 1148.113544][T30209] Quota error (device loop2): write_blk: dquota write failed
[ 1148.121577][T30209] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1148.130699][T30222] loop8: detected capacity change from 0 to 1024
[ 1148.132094][T30209] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8645: Failed to acquire dquot type 1
[ 1148.163034][T30209] EXT4-fs (loop2): 1 truncate cleaned up
[ 1148.210312][T30229] netlink: 240 bytes leftover after parsing attributes in process `syz.9.8653'.
[ 1148.221426][T30229] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8653'.
[ 1148.224239][T30222] SELinux: syz.8.8651 (30222) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1148.322824][T30103] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1148.339669][T30103] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1148.348370][T30245] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8661'.
[ 1148.362496][T30103] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1148.380276][T30103] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1148.406801][T30257] loop9: detected capacity change from 0 to 512
[ 1148.414948][T30257] EXT4-fs: Ignoring removed orlov option
[ 1148.421533][T30257] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1148.431344][T30257] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1148.434229][T30103] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1148.440586][T30257] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8664: bg 0: block 248: padding at end of block bitmap is not set
[ 1148.450346][T30103] 8021q: adding VLAN 0 to HW filter on device team0
[ 1148.469174][T30257] Quota error (device loop9): write_blk: dquota write failed
[ 1148.476878][T30257] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1148.487167][T30257] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.8664: Failed to acquire dquot type 1
[ 1148.496217][T30263] netlink: 'syz.8.8663': attribute type 3 has an invalid length.
[ 1148.499732][T30257] EXT4-fs (loop9): 1 truncate cleaned up
[ 1148.516842][T30263] loop8: detected capacity change from 0 to 512
[ 1148.524528][T30263] EXT4-fs (loop8): external journal device major/minor numbers have changed
[ 1148.543638][T23197] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1148.551251][T23197] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1148.575125][T30263] EXT4-fs (loop8): failed to open journal device unknown-block(11,131) -6
[ 1148.575575][T23220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1148.592172][T23220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1148.603042][   T29] audit: type=1400 audit(2000000960.730:12902): avc:  denied  { egress } for  pid=3381 comm="kworker/1:3" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[ 1148.626351][   T29] audit: type=1400 audit(2000000960.730:12903): avc:  denied  { sendto } for  pid=3381 comm="kworker/1:3" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[ 1148.628875][T30267] loop9: detected capacity change from 0 to 2048
[ 1148.676778][T30269] loop0: detected capacity change from 0 to 1024
[ 1148.704608][T30267] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1148.737010][T30269] SELinux: syz.0.8666 (30269) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1148.779692][T30103] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1148.817071][   T29] audit: type=1326 audit(2000000960.950:12904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30283 comm="syz.8.8668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1148.842894][   T29] audit: type=1326 audit(2000000960.950:12905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30283 comm="syz.8.8668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1148.867560][   T29] audit: type=1326 audit(2000000960.950:12906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30283 comm="syz.8.8668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267e50e929 code=0x7ffc0000
[ 1148.960100][T30103] veth0_vlan: entered promiscuous mode
[ 1148.985569][T30284] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1148.999486][T30103] veth1_vlan: entered promiscuous mode
[ 1149.005584][T23221] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm kworker/u8:33: bg 0: block 345: padding at end of block bitmap is not set
[ 1149.049360][T30103] veth0_macvtap: entered promiscuous mode
[ 1149.056924][T23221] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 388 with error 117
[ 1149.070083][T23221] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1149.070083][T23221] 
[ 1149.082447][T30284] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.110983][T30103] veth1_macvtap: entered promiscuous mode
[ 1149.134767][T30103] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1149.147319][T30103] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1149.166064][T30284] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.185224][T30103] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.194483][T30103] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.203624][T30103] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.212627][T30103] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.245540][T30284] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.274519][T30303] loop2: detected capacity change from 0 to 512
[ 1149.282508][T30303] EXT4-fs: Ignoring removed orlov option
[ 1149.298805][T30303] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1149.313237][T30303] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1149.326446][T30284] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.348722][T30284] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.358938][T30303] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8674: bg 0: block 248: padding at end of block bitmap is not set
[ 1149.361428][T30284] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.386651][T30284] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.448297][T30312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8609'.
[ 1149.494052][T30303] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.8674: Failed to acquire dquot type 1
[ 1149.517918][T30311] loop8: detected capacity change from 0 to 256
[ 1149.617936][T30303] EXT4-fs (loop2): 1 truncate cleaned up
[ 1150.053461][T30317] loop8: detected capacity change from 0 to 2048
[ 1150.287822][T30320] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1150.306461][T30320] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1006 with error 28
[ 1150.319300][T30320] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1150.319300][T30320] 
[ 1150.329859][T30320] EXT4-fs (loop8): Total free blocks count 0
[ 1150.336108][T30320] EXT4-fs (loop8): Free/Dirty block details
[ 1150.342251][T30320] EXT4-fs (loop8): free_blocks=2415919104
[ 1150.348060][T30320] EXT4-fs (loop8): dirty_blocks=1008
[ 1150.353749][T30320] EXT4-fs (loop8): Block reservation details
[ 1150.360277][T30320] EXT4-fs (loop8): i_reserved_data_blocks=63
[ 1150.687593][T30333] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8681'.
[ 1150.708304][T30333] netlink: 240 bytes leftover after parsing attributes in process `syz.9.8681'.
[ 1150.841654][T23221] vlan2: left allmulticast mode
[ 1150.847364][T23221] vlan1: left allmulticast mode
[ 1150.852743][T23221] veth0_vlan: left allmulticast mode
[ 1150.858528][T23221] vlan2: left promiscuous mode
[ 1150.863437][T23221] vlan1: left promiscuous mode
[ 1150.869107][T23221] bridge0: port 3(vlan2) entered disabled state
[ 1150.905636][T23197] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[ 1150.918251][T23197] EXT4-fs (loop8): This should not happen!! Data will be lost
[ 1150.918251][T23197] 
[ 1150.941768][T23221] bridge_slave_1: left allmulticast mode
[ 1150.948151][T23221] bridge_slave_1: left promiscuous mode
[ 1150.954324][T23221] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.998385][T23221] bridge_slave_0: left allmulticast mode
[ 1151.004658][T23221] bridge_slave_0: left promiscuous mode
[ 1151.010871][T23221] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.032171][T30351] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[ 1151.057082][T23221] team0: Port device geneve1 removed
[ 1151.117715][T30357] loop8: detected capacity change from 0 to 256
[ 1151.132655][T23221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1151.177895][T23221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1151.188597][T23221] bond0 (unregistering): Released all slaves
[ 1151.202584][T30349] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.241980][T30361] __nla_validate_parse: 1 callbacks suppressed
[ 1151.242001][T30361] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8691'.
[ 1151.264093][T23221] tipc: Disabling bearer <udp:syz2>
[ 1151.269675][T23221] tipc: Left network mode
[ 1151.275704][T30361] netlink: 240 bytes leftover after parsing attributes in process `syz.1.8691'.
[ 1151.288835][T30349] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.301103][T30361] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8691'.
[ 1151.342867][T30349] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.431470][T30349] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.529841][T23221] hsr_slave_0: left promiscuous mode
[ 1151.536702][T23221] hsr_slave_1: left promiscuous mode
[ 1151.545564][T23221] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1151.556793][T23221] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1151.625396][T30372] loop8: detected capacity change from 0 to 1024
[ 1151.646925][T30372] EXT4-fs: Ignoring removed bh option
[ 1151.653005][T23221] team0 (unregistering): Port device team_slave_1 removed
[ 1151.678200][T23221] team0 (unregistering): Port device team_slave_0 removed
[ 1151.695970][T23197] smc: removing ib device syz!
[ 1151.776268][T30349] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.844707][T30349] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.051435][T30349] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.136824][T30349] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.627777][T30383] SELinux: syz.9.8700 (30383) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1152.777154][T30385] loop9: detected capacity change from 0 to 256
[ 1153.138700][T30329] chnl_net:caif_netlink_parms(): no params data found
[ 1153.166524][T30403] loop9: detected capacity change from 0 to 1024
[ 1153.200591][T30403] EXT4-fs: Ignoring removed nobh option
[ 1153.207253][T30403] EXT4-fs: Ignoring removed bh option
[ 1153.264308][T30407] loop0: detected capacity change from 0 to 1024
[ 1153.278690][T30407] EXT4-fs: Ignoring removed bh option
[ 1153.328404][T30403] EXT4-fs (loop9): shut down requested (0)
[ 1153.386640][T30329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.394262][T30329] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.421538][T30329] bridge_slave_0: entered allmulticast mode
[ 1153.430898][T30329] bridge_slave_0: entered promiscuous mode
[ 1153.440270][T30329] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.448028][T30329] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.455859][T30329] bridge_slave_1: entered allmulticast mode
[ 1153.463130][T30329] bridge_slave_1: entered promiscuous mode
[ 1153.492605][T30329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1153.503556][T30329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1153.530599][T30419] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1153.551235][T30329] team0: Port device team_slave_0 added
[ 1153.558489][T30329] team0: Port device team_slave_1 added
[ 1153.613666][T30329] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1153.620950][T30329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1153.648533][T30329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1153.661441][T30426] loop9: detected capacity change from 0 to 2048
[ 1153.692751][T30428] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1153.724424][T30329] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1153.731922][T30329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1153.759077][T30329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1153.832854][T30428] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1153.874385][T30329] hsr_slave_0: entered promiscuous mode
[ 1153.884981][T30329] hsr_slave_1: entered promiscuous mode
[ 1153.892628][T30329] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1153.903073][T30329] Cannot create hsr debugfs directory
[ 1153.914126][T30428] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1153.969305][T30428] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1154.029477][T30428] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.043414][T30428] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.069620][T30428] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.079147][T30450] loop0: detected capacity change from 0 to 1024
[ 1154.086257][T30450] EXT4-fs: Ignoring removed nobh option
[ 1154.092031][T30450] EXT4-fs: Ignoring removed bh option
[ 1154.102975][T30428] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.114628][T30450] EXT4-fs mount: 36 callbacks suppressed
[ 1154.114645][T30450] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1154.136146][T30450] EXT4-fs (loop0): shut down requested (0)
[ 1154.162442][T22062] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1154.176280][   T29] kauditd_printk_skb: 40 callbacks suppressed
[ 1154.176299][   T29] audit: type=1326 audit(2000000966.310:12945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.221467][   T29] audit: type=1326 audit(2000000966.310:12946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.246250][   T29] audit: type=1326 audit(2000000966.310:12947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.275125][   T29] audit: type=1326 audit(2000000966.310:12948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.300526][   T29] audit: type=1326 audit(2000000966.310:12949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.324277][   T29] audit: type=1326 audit(2000000966.310:12950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.349504][   T29] audit: type=1326 audit(2000000966.310:12951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.375958][   T29] audit: type=1326 audit(2000000966.310:12952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.400434][   T29] audit: type=1326 audit(2000000966.310:12953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.424360][   T29] audit: type=1326 audit(2000000966.310:12954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30455 comm="syz.1.8721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c19dae929 code=0x7ffc0000
[ 1154.480783][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[ 1154.638910][T30329] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1154.663643][T30329] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1154.675368][T30329] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1154.685704][T30329] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1154.873423][T30329] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1154.889613][T30497] loop9: detected capacity change from 0 to 2048
[ 1154.904267][T30329] 8021q: adding VLAN 0 to HW filter on device team0
[ 1154.916149][T23220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.923408][T23220] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1154.948937][T30329] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1154.960551][T30329] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1154.987366][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.994839][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1155.067756][T30465] ==================================================================
[ 1155.076155][T30465] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[ 1155.084233][T30465] 
[ 1155.086742][T30465] write to 0xffffea000419fd58 of 8 bytes by task 30483 on cpu 0:
[ 1155.094971][T30465]  __filemap_remove_folio+0x1a5/0x2a0
[ 1155.100577][T30465]  filemap_remove_folio+0x6d/0x1d0
[ 1155.106451][T30465]  truncate_inode_folio+0x42/0x50
[ 1155.111893][T30465]  shmem_undo_range+0x244/0xa80
[ 1155.116965][T30465]  shmem_truncate_range+0x27/0x70
[ 1155.122367][T30465]  shmem_setattr+0x7eb/0x840
[ 1155.127391][T30465]  notify_change+0x806/0x890
[ 1155.132182][T30465]  do_truncate+0x13b/0x180
[ 1155.136644][T30465]  vfs_truncate+0x1e8/0x220
[ 1155.141239][T30465]  do_sys_truncate+0x91/0x130
[ 1155.146005][T30465]  __x64_sys_truncate+0x31/0x40
[ 1155.151156][T30465]  x64_sys_call+0x2920/0x2fb0
[ 1155.155980][T30465]  do_syscall_64+0xd2/0x200
[ 1155.160497][T30465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.166402][T30465] 
[ 1155.168830][T30465] read to 0xffffea000419fd58 of 8 bytes by task 30465 on cpu 1:
[ 1155.176585][T30465]  folio_mapping+0xa1/0x120
[ 1155.181200][T30465]  evict_folios+0xdb9/0x33d0
[ 1155.185944][T30465]  try_to_shrink_lruvec+0x45a/0x7e0
[ 1155.191339][T30465]  shrink_lruvec+0x22e/0x1b40
[ 1155.196227][T30465]  shrink_node+0x686/0x2120
[ 1155.200791][T30465]  do_try_to_free_pages+0x3f6/0xcd0
[ 1155.206174][T30465]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[ 1155.212264][T30465]  try_charge_memcg+0x358/0x9e0
[ 1155.217298][T30465]  obj_cgroup_charge_pages+0xa6/0x150
[ 1155.222943][T30465]  __memcg_kmem_charge_page+0x9f/0x170
[ 1155.228432][T30465]  __alloc_frozen_pages_noprof+0x188/0x360
[ 1155.234269][T30465]  alloc_pages_mpol+0xb3/0x250
[ 1155.239054][T30465]  alloc_pages_noprof+0x90/0x130
[ 1155.244062][T30465]  __vmalloc_node_range_noprof+0x6f2/0xe00
[ 1155.250792][T30465]  __kvmalloc_node_noprof+0x30f/0x4e0
[ 1155.256383][T30465]  ip_set_alloc+0x1f/0x30
[ 1155.260901][T30465]  hash_netiface_create+0x282/0x740
[ 1155.266300][T30465]  ip_set_create+0x3cc/0x960
[ 1155.270993][T30465]  nfnetlink_rcv_msg+0x4c3/0x590
[ 1155.276173][T30465]  netlink_rcv_skb+0x123/0x220
[ 1155.281245][T30465]  nfnetlink_rcv+0x16b/0x1690
[ 1155.286051][T30465]  netlink_unicast+0x59e/0x670
[ 1155.291060][T30465]  netlink_sendmsg+0x58b/0x6b0
[ 1155.295862][T30465]  __sock_sendmsg+0x142/0x180
[ 1155.300570][T30465]  ____sys_sendmsg+0x31e/0x4e0
[ 1155.305550][T30465]  ___sys_sendmsg+0x17b/0x1d0
[ 1155.310273][T30465]  __x64_sys_sendmsg+0xd4/0x160
[ 1155.315163][T30465]  x64_sys_call+0x2999/0x2fb0
[ 1155.319893][T30465]  do_syscall_64+0xd2/0x200
[ 1155.324451][T30465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.330565][T30465] 
[ 1155.333185][T30465] value changed: 0xffff888117253928 -> 0x0000000000000000
[ 1155.340491][T30465] 
[ 1155.342814][T30465] Reported by Kernel Concurrency Sanitizer on:
[ 1155.349086][T30465] CPU: 1 UID: 0 PID: 30465 Comm: syz.1.8725 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(voluntary) 
[ 1155.361984][T30465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1155.372432][T30465] ==================================================================
[ 1155.390487][T30497] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1155.469007][T30329] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1155.478862][T30510] netlink: 'syz.8.8737': attribute type 3 has an invalid length.
[ 1155.492375][T30510] loop8: detected capacity change from 0 to 512
[ 1155.511431][T30510] EXT4-fs (loop8): external journal device major/minor numbers have changed
[ 1155.580470][T30510] EXT4-fs (loop8): failed to open journal device unknown-block(11,131) -6
[ 1155.634093][T30329] veth0_vlan: entered promiscuous mode
[ 1155.644335][T30329] veth1_vlan: entered promiscuous mode
[ 1155.670083][T30329] veth0_macvtap: entered promiscuous mode
[ 1155.679538][T30329] veth1_macvtap: entered promiscuous mode
[ 1155.697439][T30329] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1155.714735][T30329] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1155.724736][T25100] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[ 1155.728000][T30329] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1155.743610][T30329] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1155.752404][T30329] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1155.761606][T30329] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0